McAfee Application Control and SQL Server Reporting Services
Installed, solidified and enabled McAfee Application Control(Solidifier)220.127.116.115 on WES7 (Window 7 Embedded) system, that has Microsoft SQL Server 2012 and SQL Server Reporting Services(SSRS) also installed.
However when SSRS is used to create a report it either copies or creates a DLL (ReportingServicesWebServer.DLL) in a deeply nested "tmp" folder and tries to execute it, however McAfee Application Control prevents it from running with the deny reason of: "Local Whitelist - File Not Present (deny reason code: 2) reputation score: 1000".
McAfee Solidifier prevented unauthorized execution of 'C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\RSTempFiles\reportserver\c2a527bc\9cd1a7f9\assembly\tmp\5ZY4HSUI\ReportingServicesWebServer.DLL' (sha1: c951266218a2b82b338c9b20be656dd77076e3bb, md5: 93e168e931ae8a018c7989abe257c1dc, sha256: df26f9739a6b2e505a2ab5908f79e568ee4f9ebe03aae22604a76e96b406e983, File Type: pe32) by process C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe (Process Id: 2872, User: NT SERVICE\ReportServer) whose parent is process C:\Windows\System32\services.exe, deny_reason : Local Whitelist - File Not Present (deny reason code: 2) reputation score: 1000
Another issue is that the computer generated directory that it tries to execute the DLL out of changes each time:
What is the best way to handle this situation within McAfee Application Control? I've tried adding whitelist rules, however I have not had any luck getting them to work. Here are some examples of the whitelist commands I have tried:
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.