Exception of User to the applied policy
Created: 12 Feb 2013 | Updated: 13 Feb 2013 | 10 comments
This issue has been solved. See solution.
Hi,
I just want to know if there is a way to exempt user mode in the policy?
Discussion Filed Under:
Comments 10 Comments • Jump to latest comment
HI,
Please clear your answer ?
Please check this thread as per my understanding your question
https://www-secure.symantec.com/connect/forums/need-help-sepm-firewall-policies-single-clients
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Use can set the password to remove the user interferance
Securing the Symantec Endpoint Protection (SEP) client user interface and settings.
How to block a user's ability to disable Symantec Endpoint Protection on Clients
Regards
Sumit G.
Policy is applied on groups..so it cannot exclude or include user/computer.
Vikram Kumar
Symantec Consultant
The most helpful part of entire Symantec connect is the Search button..do use it.
Hello,
I agree. Policies are applied to the groups and the SEP computers reporting to these groups.
Are these Clients installed in User Mode or Computer Mode?
If incase, they are in User Mode, try Switching a client between user mode and computer mode.
Secondly, check this Article:
Symantec Endpoint Protection 11.x and 12.1 User Mode Considerations: Client Mode Registration explained
http://www.symantec.com/docs/TECH157004
I would recommend you import active directory users and apply them to groups for this situation to work the best.
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Hi Mithun,
Most of the clients are installed in user mode. I just want to know if there is a way to exempt a user from the applied policy. Here's the scenario. I applied application control, I blocked a certain application. And as an admin, I want to exempt myself to the said policy.
Well, that's the point of using user mode - for example if there is a particular user A that has assigned the Application control policy you speak of, and there is the administrator that does not have this policy assigned. If you log out the user A, and log in as the Administrator the policy will not apply as it is a different user.
http://www.symantec.com/docs/TECH102686
https://www-secure.symantec.com/connect/forums/com...
...as per above articles:
User mode:
The policies change, depending on which user is logged on to the client. The policy follows the user.
Hello,
I agree with Sabestian's comment above.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Hi All,
Is there any article that clears the issue of exempting user mode on the policy? Thanks.
Have a look at these - maybe will be helpful to you:
When does the Symantec Endpoint Protection client switch to user mode?
http://www.symantec.com/docs/TECH147033
https://www-secure.symantec.com/connect/forums/rea...
Switching a client between user mode and computer mode
http://www.symantec.com/docs/HOWTO80734
Hi All,
I need some clarification. All of our clients are set to User Mode. We have machineA that under Group A, and that group has the policy of firefox blocking. When we login to machineA using UserA, we are unable to use firefox, and that is correct. When we try to login UserB to machineB that under Group B (without policy of firefox blocking), we are able to use firefox. When we try again to login to machineB using UserA, still we are unable to use firefox. And when we try to login to machineB using UserC, we inherit the policy of UserA. Why UserC inherit the policy of UserA, though UserC is under another group that no policy of firefox blocking? (I hope you understand my explanation, sorry)
Thanks.
Would you like to reply?
Login or Register to post your comment.