That would be very helpful. Are privileged groups temperamental? I currently have two groups configured in this section. One group is functioning as I thought it would (meaning its not blocking any of my rules), but the other group (Domain Admins) I have set up is not.
I then tried going away from privileged users for domain admin and set up rules to allow usb and allow cd/dvd burning. These policy changes don't seem to be taking. when I find my test machine in the system tree and under dlp it shows no policies applied...
Just doesn't make sense why one privileged group works and the other doesn't....
You may want to use those commands on the endpoint to confirm.
Another option would be to use the Agent Diagnostic tool from the McAfee download page for troubleshooting policy enforcement issues.
Turns out this was related to AD "OU" and an AD "Container". The group that was working properly was located in an AD "OU". The group that was not working was located in an AD "container". Once I moved the group from a "container" to an "OU" it work perfectly.
I am surprised I didn't notice this sooner. My user acct is on one domain, ,and my computer acct is on a different domain. so the domain local is in the same domain as my user account and my computer acct in AD is in a child domain as my user acct. So the security group isn't applying I think because the system is in a child domain. hence why why DLP testing wasn't working with the security group I checked ....... LOL