Video Screencast Help

System Lockdown Configuration Issue

Created: 13 Mar 2013 • Updated: 13 Mar 2013 | 9 comments
This issue has been solved. See solution.

I'm trying to set up System Lockdown on our SEP 12.1.2 server, and am using HOWTO81094 for guidance. I've created file fingerpint list using checksum. However, when I try to import the list in the options for System Lockdown (under Approved Applications), I am unable to add the list. When I click on Add, I get an error saying..."There are no file fingerprint lists available to add". Any ideas why this is happening? Thanks!

Operating Systems:

Comments 9 CommentsJump to latest comment

birdman's picture

I'm trying to import it - no luck. At step 3 of HOWTO80855, I get the above listed error (There are no fingerprint lists available to add).

ᗺrian's picture

Is this just a simple .txt file or some other format?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SMLatCST's picture

Following on from your issues using your stated article, are the files placed locally on the SEPM or served over the network?  and which method are you using (UNC/FTP/HTTP/etc)?

birdman's picture

The file created is a .txt file and is already in the ANSI format. I'm not even getting the option to choose a file though (to import).

SMLatCST's picture

I'm a little lost as to where you're encountering this message.

Are you trying to manually add this now, as opposed to using the automated process?

SMLatCST's picture

Perhaps you could provide a few screenies to help illustrate what is going on?

I've just tested the steps in HOWTO81094 and they appear to work fine for me.  Maybe you could show us what's in your index.ini too?

Here's what I did:

  1. Click on POLICIES -> Policy Components -> File Fingerprint Lists
  2. Added new fingerprint list called testfilefingerprint using test.txt (see attached files)
  3. Placed index.ini and testmore.txt (attached, rename index.txt to index.ini first) in the "%Program Files%\Symantec\Symantec Endpoint Protection Manager\data\inbox\WhitelistBlacklist\content" directory
  4. Waited for it to update

Note: This assumes you're testing using the SEPM's default domain

test.txt 133 bytes
testmore.txt 44.25 KB
index.txt 165 bytes
birdman's picture

I found the issue. I must have had an issue with method using placement of index.ini and text file (.ini syntax?). When I used method to import fingerprint list via HOWTO80855 (I was missing a step on this initially!), everything worked great. This is very powerful! Thanks all for the help!!