Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 4

User-Defined Rules for servers

I'm going through adding user defined rules for cryptolocker as laid out in the article below. All of my desktops are getting these new rules with no problem but none of my servers are. I applied the rules under "my organization" and made them under server and workstation. Nothing that i can see is blocking the inheritance. Any idea where i should begin looking? Thanks in advance

3 Replies
Level 8
Report Inappropriate Content
Message 2 of 4

Re: User-Defined Rules for servers

ePolicy Orchestrator 5.1.2 (Build 348) - Mozilla Firefox_4.png

Have you applied them there?

Level 7
Report Inappropriate Content
Message 3 of 4

Re: User-Defined Rules for servers

My apologies for not posting my findings. I had everything correct. I did the workstations one day then servers the next day. MS patches were installed that night and something stopped my clients from communicating with the server. After a reboot everyone got the correct policies. Thanks for your response.

Re: User-Defined Rules for servers

If you want to duplicate the rules from workstations to servers, here's a note I wrote up:

To duplicate the workstation rules onto the server rules in epo, export the xml file.

- search for Wrkstn_APRules

- Copy all the rules below it (eg Setting name="APRuleBlock* )

- Paste the rules below <Section name="Server_APRules">

- Modify this value after the server rules so that it matches the workstation (it's a count of the number of rules): <Setting name="dwAPRuleBlocks" value="23"/>

- modify this name so there won't be a duplicate policy name when imported, otherwise it will overwrite the existing policy: <EPOPolicySettings name="My Defaults: (the name between " and : )

- change the name here to match the above name: <EPOPolicyObject name="

- change the name here as well: <PolicySettings>

Then do an import. If you changed the name to something new, then they will be imported into a new policy, otherwise they will overwrite the existing policy that you originally exported.

However, what we are doing internally is deploying all as one type, workstations. It keeps things simpler, and so far has worked for us.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community