Endpoint Protection

 View Only

  • 1.  Symantec Application Control policy not updating on PC

    Posted Jun 13, 2013 02:19 PM

    3 SEPM servers with replication and all other things seem fine.  Client PC built from image using cloneprep tool.  Win 7 32 Bit managed SEP.

    We had some exe files listed and blocked in the Application and Device control policy.  Users got the usual block and pop up notice.  Used the block applications from running, block process launches.

    Removed two applications (filename.exe) from ADC policy but PC still blocks it.   No longer listed.  Other blocks still work also.

    Replication shows the exe's removed on all servers in the same policy.

    Need to do a global exception of the exe and check "Application Control" to override or users keep getting blocked.

    Also removed and reinstalled SEP 12.1.2015.2015 fresh with no change.  Edit policy on server and update local policy from shield.  Even rebooted.  New policy time stamp matches in the SEPM console and the PC troubleshooting.

    Any known issues where the changes/removals do not get applied on the PC?

    Any way to clean/clear a local copy of the policy or setting and force it to update?

     

    Thanks.

     



  • 2.  RE: Symantec Application Control policy not updating on PC

    Posted Jun 13, 2013 02:30 PM

    Sounds like maybe a corrupt policy. See if you can clear out on an affected client

    To resolve the issue:

    1. Stop the SMC service by clicking ‘Start’ then in the Run box type “Smc –Stop”.
    2. Go to C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\<version number>\Data\Config and find the Serdef.dat and Serdef.dat.bak.
    3. Rename the serdef.dat file to serdef1.dat.
    4. Rename serdef.dat.bak back to serdef.dat.
    5. Start the SMC service by clicking ‘Start’ then type in the Run box “Smc –Start”.

    The client will now use the serdef.dat backup file to connect with the SEP Manager and get the new policy/updates.



  • 3.  RE: Symantec Application Control policy not updating on PC

    Posted Jun 13, 2013 02:35 PM

    Export and import the policies

    Exporting and importing policies

     

    http://www.symantec.com/business/support/index?page=content&id=HOWTO54853



  • 4.  RE: Symantec Application Control policy not updating on PC

    Posted Jun 14, 2013 04:51 AM

    Hi

    Try installing the SEP client

    Regards

     



  • 5.  RE: Symantec Application Control policy not updating on PC

    Posted Jun 14, 2013 07:33 AM

    Have you verified the clients and server policy serial number is same or not?



  • 6.  RE: Symantec Application Control policy not updating on PC

    Posted Jun 14, 2013 10:20 AM

    Hi I have seen this a few times.

    You mention that the Policy is identical on both the client and SEPM, but there might be problems with only the A/D policy. So check if the A/D policy gets applied in the SEP agent system logs after you perform changes.

     

    Also check this:It might be related so you can try.
    Check the report: "Computer Status\Client With latest Policy\"

    See if all clients are running the current policy.

    In the advanced field try to set the "Server" field to a different SEPM server. This is the SEPM your clients are communicationg with. When I have experienced this, usually only the clients connected to one of the SEPMS  are outdated. When identifying which SEPM is not updating clients.


    Reboot it. That has worked for me a few times.

    If that doesn't work. Change your management list to point all clients to the working SEPM while you troubleshoot the one not updating clients.


    Torb