@stevenheritage We are actively investigating this issue and are in progress of narrowing down what aspect of Exploit Prevention may be involved. You mention you have a case with Support, could you please let me know what your SR # is?
Since your stating that you are not seeing blocks logged, the next steps will likely be to collect AMTrace data in order to examine the kernel level actions during the boot + login process in effort to reveal the catalyst of this issue.
Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?