Endpoint Protection

 View Only

  • 1.  allowing non admin to perform live updates

    Posted Jul 10, 2014 09:03 PM

    when we add a user/computer onto the domain, we've always granted the user local admin rights so it was never a problem. Moving forward, we will be taking this privilege away and start locking down the machines so that won't be able to install softwares and modify the system etc... However, as I'm doing this, I also noticing that SEP 10 wouldn't update unless an administrator (local or domain) is logged on. What's the work around for this? Domain is Server 08 R2 and Clients are all Win 7.

     

    BTW: All the installs are "unmanaged" 



  • 2.  RE: allowing non admin to perform live updates

    Posted Jul 10, 2014 09:06 PM
    Shouldn't matter if the user is admin or not. Content will still update. Also, there is no SEP 10, its either 11.x or 12.1. Which one?


  • 3.  RE: allowing non admin to perform live updates

    Posted Jul 10, 2014 09:56 PM

    you're correct, we're on 11.x 

    I'm gonna take another look, I know more than one instance when I log onto a machine that I haven't add the user to the local admin group with my account SEP takes an update and the definitely date is definitely not a couple days old. 



  • 4.  RE: allowing non admin to perform live updates

    Posted Jul 10, 2014 10:10 PM

    In past environments I've worked in all users were non-admin of their workstation (both managed or non-managed SEP.) This would be bad news if only admins were able to receive updates surprise

    With that being said, never seen this behaviour.