I am new with MAC, watched a lot of videos and been reading a lot of documents and forum, but i couldn't find or work my way to allow an application run from a Network Shared directory.
The app will run by a startup script and no will not do any updating or changes.
Managing this using ePO, I have put in the Custom Rule Group, input the .exe binary by manual SHA1 and also auto_Policy Discovery method, input the Network Shared as Trusted Directories.
Policy Discovery, allow binary globally, Policy Discovery Create custom Policy and apply to existing Custom Policy
All these steps had been done and applied to the Group, and send to endpoint by using Force Policy from endpoint agent. But i am still getting Execution Denied \\ServerName\Tools\AppFolder\App.exe
The error from the Application Control Events popup saying App.exe is not on the corporate whitelist and will not be allowed to run
Been struggling with this for like 2 weeks now
A common issue that can prevent an Application Control policy from being applied to the endpoint is that the CLI on the endpoint is "recovered". If the CLI on the endpoint is recovered, policy changes in ePO will not be applied until it is locked down again. You can use a task in ePO to lock down the command line, or you can do it from the endpoint with the command sadmin lockdown
Thanks for this, the CLI is Lockdown, manage to narrow down the problem to the root cause, in order for the ThinApp to run, i have to disable Memory Protection.
What i did was disable the Memory Protection in Update Mode, so the ThinApp runs. I also put the ThinApp binary into Solidcore Rules and mark it as Updater but it still crashed if the Memory Protection enabled back. I don't think this is the right way to run this app. Can someone here help on this?
The right thing that needs to be done is my ThinApp needs to run with Memory Protection enabled. Help please