Block users from disabling SEP 12.1 client
Hi,
We're looking for a sollution to allow only admins with the password to disable the SEP client.
I have followed the guide to disabeling this function; but the result is not what i'm looking for.
How to prevent SEP features from being disabled in the client GUI in SEP 12.1
Allow Administrators to Disable SEP 12.1 on all Clients
The SEP GUI is password blocked, this prevents users from accessing the console.
I have also set the password to stop the client, however the password is never prompted when disabling from the tray.
After folowing these guides, it is no longer possible to disable the client from the tray (it's grayed out).
But it is also not possible to disable specific functions from within the gui.
When an admin logs on to the GUI I want them to have full control over all settings.
How do I force the password promt when disabling the client (from the tray), without blocking all settings in the GUI (which the user can't access anyway...) ?
Thank you,
Domien
Comments 6 Comments • Jump to latest comment
Hi Domein,
Q .How do I force the password promt when disabling the client (from the tray), without blocking all settings in the GUI (which the user can't access anyway...)
--> I believe it's not possible or it's not designed that way.
However you can raise an idea or put the product enhancement request.
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Check here
How to block a user's ability to disable Symantec Endpoint Protection on Clients
SEP Knowledge Base
Endpoint SWAT
Hi,
Brian, I did see that one... but after folowing it the result isn't what we would like.
It grays out the "disable SEP " option from the tray completely... thus forcing admins to find ways around this. Also it blocks admins when logged into the gui from changing certain settings.
Chetan,
I have the same feeling, it's just not designed this way. But that raises the question why can you setup a "disable password" in the console if the client doesn't use this.
Also, where would I request this modification / feature?
Thank you,
Domien
Hi,
Put the enhancement request here:
http://service1.symantec.com/DISCUSS/SUPPORT/feedb...
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
You can try the symantec ideas forum:
https://www-secure.symantec.com/connect/security/i...
Hi,
Thank you both for your support.
I see I've created a second thread, excactly like this one. My appoligies!
For those looking for answers;
https://www-secure.symantec.com/connect/forums/block-users-disabling-sep-121-client
I have filled the feature request; and will create a post in the forum.
Kind Regards,
Domien
Would you like to reply?
Login or Register to post your comment.