Endpoint Protection

Hello,

I work for a L-3 Technologies division in the IT department.  We just recently (within the last month) upgraded our SEP Management server to Ver 14 MP1 build 2332.  We have upgraded two laptops on our network for test purposes and they're the only two machines currently showing this issue.  Since that upgrade we have had problems adding/enabling Device Hardware exemptions to the Applications and Device Control Policy our Corporate office gave us.  I may just have to end up talking with them but wanted to also try the forums to see if there was a known bug.

We usually just plug in the USB device drive (Flash drive or external, etc.) to a client machine and the device would disable via the policy.  We then go in to Device Manager and go to the properties of the disabled devices.  Some of these have two drivers (one for CDROM and one for drive) that we copy the Device Instance Paths for.  Once we'd add them to the exemption list the devices would eventually be enabled (might take 10 mins to a half hour).  Since we upgraded the SEPM console though the two laptops that are in our test group can't get any of the device drivers to enable and install.  Is there a known bug with this SEPM and client versions concerning exempting devices?

 

Checked the public KB but didn't see anything specific. If the ADC component is enabled does this work as expected? 

Hi, Kindly check few things - 1. Check if the policy is applied to the grp and client has taken the policy (check the policy serial no.) 2. Check if the policy is configured properly 3. Check if the clients are installed with ADC ( GOTO help - troubleshoot - install settings)

Brian,

Yes, the ADC component is enabled but the Device Exemptions that I used to put in without issue no longer work.  Any exempted device I add to the list is always disabled.          

You're welcome. Thanks for the update.

-Brian