Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Problem

A manually created blacklisting or deny execute policy that has no application targets will apply to all programs and services and prevent them from running on an end-user's machine. If a new deny execute policy is created and enabled with out limiting the application target scope of the policy or is not being used with a proper whitelist, the bad blacklist policy will get rolled out and begin denying execution of all applications. This include userinit.exe which will prevent users from logging in after a reboot. Those computers will act as if they are frozen because no new processes can get created.

Solution

  1. First login to the Arellia Management Console on the Server and disable the bad Blacklisting Policy.
  2. Restart the computer that has been effected by the Blacklisting Policy in Safe mode.
  3. Open the Administrator Tools in the Control Panel and then Services.
  4. Find Arellia Application Control, right click and select Properties.
  5. Change the Startup Type to Disabled, Click OK and restart the computer.
  6. After restarting the computer right click on the Symantec Management Agent icon in the taskbar and select Symantec Management Agent Settings and then click Update to update your policy.
  7. You should now be able to open all the programs and services that were previously blacklisted.
  8. Open Services again from the Control Panel and change the Arellia Application Control Startup Type to Automatic.
  9. Restart your computer and everything should work as normal.

More information onĀ how to configure blacklisting policies

  • No labels