Video Screencast Help

How to restrict users from making configuration changes in client end

Created: 31 Jan 2013 • Updated: 03 Feb 2013 | 8 comments
This issue has been solved. See solution.

Hi all,

How to restrict users from making configuration changes in client end. i mean will not be able to do any changes from their system.

Comments 8 CommentsJump to latest comment

Ambesh_444's picture

Hi,

Please go through the below article and let me know.

http://www.symantec.com/business/support/index?pag...

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

SOLUTION
Ashish-Sharma's picture

 

Check this artical

 

How to block a user's ability to disable Symantec Endpoint Protection on Clients

http://www.symantec.com/business/support/index?page=content&id=TECH102822&locale=en_US

 

How to restrict users from making configuration changes to the Symantec Endpoint Protection client.

http://www.symantec.com/docs/TECH102370

 

also you can protect sep client service

 

You can Set uninstall password SEP client

  1. In the console, click Clients.

  2. Under Clients, select the group for which you want to set up password protection.

  3. On the Policies tab, under Location-independent Policies and Settings, click General Settings.

  4. Click Security Settings.

  5. On the Security Settings tab, choose any of the following check boxes:

    • Require a password to open the client user interface

    • Require a password to stop the client service

    •  Require a password to import or export a policy

    • Require a password to uninstall the client

  6. In the Password text box, type the password.

    The password is limited to 15 characters or less.

  7. In the Confirm password text box, type the password again.

  8. Click OK.

Check this thread

https://www-secure.symantec.com/connect/forums/not...

https://www-secure.symantec.com/connect/forums/how...

 

Thanks In Advance

Ashish Sharma

 

 

zafar1907's picture

Hi,

You can restrict the user By password protection so user can not access without password
Or
Follow the below steps:
Logon to the Symantec Endpoint Protection Manager Console
Browse to Clients
Select the Group
Click Policies
Expand Location-specific Settings
Click on Tasks to the right of Client User Interface Control Settings
Click on Edit Settings
Click on Customize to the right of Server Control
To restrict access to the Symantec Endpoint protection tray icon, un-check the Display the notification area option.
To restrict access to the Symantec Endpoint protection tray icon and the user interface, un-check the Display the client option.
Click OK
Click OK to save changes to the location specific settings policy

Referance:-
http://www.symantec.com/business/support/index?pag...

Regards,
Zafar

Thanks and Regards,

Mohammad zafar

Please Mark as solution if this comment solved your Issue....

Sumit G's picture

Agree with above Ashish comment to restrict the user interference with password will sort your issue.

Regards

Sumit G.

Mithun Sanghavi's picture

 

Hello,

You can determine the level of interaction that you want users to have on the Symantec Endpoint Protection client. Choose which features are available for users to configure. For example, you can control the number of notifications that appear and limit users' ability to create firewall rules and virus and spyware scans. You can also give users full access to the user interface.

The features that users can customize for the user interface are called managed settings. The user does not have access to all the client features, such as password protection.

To determine the level of user interaction, you can customize the user interface in the following ways:

  • For virus and spyware settings, you can lock or unlock the settings.

  • For firewall settings, intrusion prevention settings, and for some client user interface settings, you can set the user control level and configure the associated settings.

  • You can password-protect the client.

To password-protect the client

  1. In the console, click Clients.

  2. Under Clients, select the group for which you want to set up password protection.

  3. On the Policies tab, under Location-independent Policies and Settings, click General Settings.

  4. Click Security Settings.

  5. On the Security Settings tab, choose any of the following check boxes:

    • Require a password to open the client user interface

    • Require a password to stop the client service

    •  Require a password to import or export a policy

    • Require a password to uninstall the client

  6. In the Password text box, type the password.

    The password is limited to 15 characters or less.

  7. In the Confirm password text box, type the password again.

  8. Click OK.

Check these Articles which may assist you with all the Information you are looking for:

How do you lock down SEP client interface so that end users cannot disable components or modify settings.

http://www.symantec.com/docs/TECH136678

How to block a user's ability to disable Symantec Endpoint Protection on Clients

http://www.symantec.com/docs/TECH102822

How to restrict users from making configuration changes to the Symantec Endpoint Protection client.

http://www.symantec.com/docs/TECH102370

Again, Check this Thread:

https://www-secure.symantec.com/connect/forums/how-do-i-temporary-enable-users-ability-disable-symantec-endpoint-protection-clients

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Ambesh_444's picture

Hi,

Please let me know if any more help required?

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

Sumit G's picture

 

Have you applied above comments?

If your issue sort out with above comments then mark the thread as a solution.

Regards

Sumit G.