application control 8.2.1/ Win7 64bit/ ePO managed env
New to application control... I have deployed application control and enabled it. then i create a test batch script and try to run it, of course it's blocked, but may i know how to create bypass policy for this specific file?
As per the alert, seems I have to solidify it, am i understanding correctly?
I tried to run the client task "SC: Run Commands"-> enter the command(no quotes) 'sadmin solidify C:\Users\vadmin\Desktop\test.bat', I saw the task finished successfully but I was still not able to get the test.bat running... am I missing something?
Solved! Go to Solution.
Yes your understanding is correct.
If after executing 'sadmin solidify C:\Users\vadmin\Desktop\test.bat' , the file from same path is not executing, get us the error you observe.
We solidify files on path basis, so execution of file should be from path with which it was solidified.
Kindly try solidifying the test.bat from client task using the following command:
"so C:\Users\vadmin\Desktop\test.bat" , and try execution after this runs.
if than also you get error, then try by running command:
"auth -ac 0d37226567f25453b1e940f94b13074bd4fe3526" and then try execution of same file.
Nice to hear working fine.
I checked your solidcore.log but didn't run sadmin solidify that time.
your log ---
U.0828.5656: Mar 03 2020:10:40:20.618: SYSTEM: mapl_tasks.cpp: 1676: sadmin_handler cmd [sadmin solidify C:\Users\vadmin\Desktop\test.bat]
normal log ---
U.1316.2564: Mar 03 2020:14:39:26.585: SYSTEM: mapl_tasks.cpp: 1676: sadmin_handler cmd [sadmin so C:\Users\admin\Desktop\test.bat]
U.1316.1756: Mar 03 2020:14:39:26.585: SYSTEM: mapl_tasks.cpp: 1936: sadmin handler executing [sadmin so C:\Users\admin\Desktop\test.bat]
U.1316.1600: Mar 03 2020:14:39:28.020: SYSTEM: cmdi_process.c: 845: Command 'sadmin so C:\Users\admin\Desktop\test.bat' returned 0: Success
I don't know why it's occur. But its okay you ware success 🙂
Probably, your Local CLI Access is "Recovered". Recovered CLI mode will refuse sadmin command from ePO. Check your CLI mode on command prompt using "sadmin status" on your PC.
If CLI mode is "Recovered", you have to Lockdown first.
After Lockdown, please try "sadmin so <Path>" again.