Problem
A manually created blacklisting or deny execute policy that has no application targets will apply to all programs and services and prevent them from running on an end-user's machine. If a new deny execute policy is created and enabled with out limiting the application target scope of the policy or is not being used with a proper whitelist, the bad blacklist policy will get rolled out and begin denying execution of all applications. This include userinit.exe which will prevent users from logging in after a reboot. Those computers will act as if they are frozen because no new processes can get created.
Solution
- First login to the Arellia Management Console on the Server and disable the bad Blacklisting Policy.
- After the policy has been disabled, each of the endpoints need to do a configuration update so they remove the bad policy.
- The easiest way to do this is to run an Update Client Configuration task on each of the endpoints. To do this, simply create a new Update Client Configuration Task to run ASAP and schedule it to run now on all machines, or on machines that are known to have the bad blacklist.
- Alternatively, you can do it manually by following these steps:
- Restart the computer that has been effected by the Blacklisting Policy in Safe mode.
- Open the Administrator Tools in the Control Panel and then Services.
- Find Arellia Application Control, right click and select Properties.
- Change the Startup Type to Disabled, Click OK and restart the computer.
- After restarting the computer right click on the Symantec Management Agent icon in the taskbar and select Symantec Management Agent Settings and then click Update to update your policy.
- You should now be able to open all the programs and services that were previously blacklisted.
- Open Services again from the Control Panel and change the Arellia Application Control Startup Type to Automatic.
- Restart the endpoints. After the endpoints have been restarted everything should work normally.
More information onĀ how to configure blacklisting policies