There should be a way to disbale tamper protection on a machine locally via a command for support teams that have lost netowrk access or access to the SEPM.
Various support tools occasionally trigger tamper protection when it's set to block apart from adding these to a tamper protection exception policy accassionaly the team may get adhoc tools that are not in the policy. With the policy locked down to prevent tamper protection being disabled by the local client there seems to be no way to disable tamper protection if the machine loses network conectivity or the ability to check in with the SEPM for the support teams to fix this.
Is it possible to add a command that we can use to disable it like we have with the client (e.g. smc -stop) then it prompts for a password for example to allow support teams to do their jobs?