Showing results for 
Show  only  | Search instead for 
Did you mean: 

can't unlock user interface option

McAfee 8.5.0i, patch 5, managed by ePo 4.0. About 300 seats. the ePo policy for User Interface Options shows that all items in the console are supposed to be password protected, and when I'm logged into a workstation as an admin, they are. That is, I can start the console, click Tools/Unlock User Interface, enter a password, and have access to disable access protection, stop on-access scanning, etc.

However, when I'm logged on to the same workstation as a regular user, I can't do that. All options are grayed-out, and I can't stop the services (which our helpdesk techs sometimes need to do for troubleshooting).

What I don't get is that I don't see anything in ePo policies that says "admins can do this, users can't." I'd like for any logged-in user to be able to enter the password (which we change regularly and don't give out to users) and access the console.

What am I missing here?
7 Replies

RE: can't unlock user interface option

We're also having this issue. :confused:

VSE 8.5 Patch 7 on an ePO 4 P3 core.

Any help is appreciated.

it's by design

Hmmm... I guess I should have read the documentation:

Non-administrators — Users without administrator rights. Non-administrators run all VirusScan Enterprise applications in read-only mode. They can view some configuration parameters, run saved scans, and run immediate scans and updates. They cannot change any configuration parameters, create, delete, or modify saved scan or update tasks.

Administrators — Users with administrator rights. Administrators must type the password to access the protected tabs and controls in read/write mode. If a password is not provided for a protected item, they view it in read-only mode.

So, the password only matters to Admins. I just now got back to my desk after talking to helpdesk and telling them that they can't try to "solve" problems by disabling the software- they'll have to troubleshoot the problem, ask for exceptions to scans, etc.

Good luck,

RE: it's by design

Well alrighty. I can unlock the console now by dropping the console exe into a runas window launched with local admin privs.

I tried explaining the idea to a McAfee technician over an IM session. They insisted that I had to log off of the machine and log back on as an admin to do this. My response "Um, no, I would lose my IM to you then."

Either way, I can get to it now. Props to bhamill for reading the manual and educating the masses.


RE: it's by design

When in doubt, RTFM. Thanks to you for the workaround suggestion.

Please advice step by step

Can you please advice me on how did you do it step by step? I'm now facing the same problem. Thank you

RE: Please advice step by step


The snippet below is based on the assumption of trust. Do you trust the machine that you will be typing your administrative credentials into? Is there a keylogger or malicious app resident to the machine that will glean your password?

A word of advice: supply a local admin account if possible and NOT a domain admin account. Local admin privs that are compromised suck, domain admin privs that are compromised are on another level (literally!).


Open a command prompt.
"runas /user:LocalAdmin cmd" where 'LocalAdmin' is a local or domain admin on the machine.

Once the new window is opened with the admin privileges (the title should read 'c:\windows\system32\cmd.exe (running as LocalAdmin)'), launch the VirusScan console ('c:\program files\McAfee\VirusScan Enterprise\mcconsol.exe').

Once the console is opened, go to Tools->'Unlock User Interface'. By providing the password, you are no longer in read-only mode. Please remember to lock the interface back when done. AND CLOSE THE COMMAND SHELL WHEN FINISHED.

This works on an XP machine.

FYI, I NEVER log into my machine with an admin account. I open the command shell with elevated privs and drag-n-drop the application icon(s) into the shell. Wanna browse to a folder with elevated privs? Type 'cd' then drag the folder icon into the shell; this places the command shell in the directory 'dropped' into the shell.

Fire away.

A word of caution: not everything should be run with administrative privileges. I also recommend that you DO NOT LAUNCH Internet Explorer with elevated privs unless absolutely needed.

Your mileage may vary, have fun.

Re: can't unlock user interface option

Thank you very much BH:)

You helped me crack it.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community