I have a problem.
I install ePO4.0 Patch6, MA4.5 and DLP 3.0 in Server 2003 SP2 Enterprise English.
Workstations with XP SP2, tha agent DLP is Passive mode. The agents was reinstall and the status continued passive.
In this case , the policies of DLP in not applyed because the agent status is passive, but, the functions of device control is normaly.
What are cause this problems?
HDLP 3.0 has 3 possible agent status values:
The HDLP agent status will show as passive if:
When the machine is logged-off (i.e. in passive mode) the agent service will receive the new policy but will not be applied until login. To validate that HDLP policy is applied on a specific machine you need to validate the “Policy version” field in the DLP properties in ePO.
The HDLP agent status will show as broken if their is an issue during the HDLP agent install and the self remediation mechanism tries to reinstall the HDLP agent drivers and fails.
The HDLP agent status is active when all of the following conditions are met:
Following thorough investigations on the behavior of the machine, I found a registry key agent HDLP3 that defines the status of functioning.
You can not change the value of the key, then delete the key and restarted the machine.
On reboot the key is recreated and changed from Passive (0) to Activate (1).
Key: [HKEY_LOCAL_MACHINE \ SOFTWARE \ McAfee \ DLP \ Agent \ Properties \ Agent]
Delete this entry "Active" = "0"
All OK now.