I am running ePO 4.6.4 (Build: 202) and attempting to build a complex series of Policy Assignment Rule-sets to apply most of my more difficult policies to machines. I have 22 rules. The rules apply mostly to HIPS (8.0) but I also have rules in place for VSE for Linux (1.7) and Policy Auditor (6.1)
I cannot get the rule-sets to apply. During agent-server communication a rule refuses to apply (and according to what I can find in the product guide for 4.5 and 4.6, that is when it should occur.) I have done everything I can think of, including ensuring the tag works, the Agent-Server communication is up, the Products that a rule-set were applied to were installed on the System (in this case HIPS 8.0 has been installed via Client Task) and making sure that my policies can be manually applied to the system.
Here is an example of the issue:
Server Name: Server1
Tag applied: Server1 Object (Tag is assigned to all objects with a matching System Name and works correctly.)
System Location (in Tree): My Organization > SubFolder > Subfolder > Subfolder
For the life of me I cannot see why this (or any of my other) policies will not assign automatically. As this is a key part of my design (and must be fully re-producable by a non-experienced technician in the field, the whole reason I want to deal with the rules in the first place) I really need this to work as expected.
Ok, so a day later I have finally bothered to replace the HIPS General "McAfee Default" policy with my normal HIPS UI policy. The important difference between the two is that my policy allows the UI to appear in the tray. I knew that the product had installed, but had not actually opened HIPS. Lo and behold, checking the HIPS Firewall policy as actually applied on the server shows that the correct Firewall policy is there, even if EPO does not really reflect that.
I have been relying on ePO to tell me what policies are assigned to my systems, assuming that when I select the server as listed in the policy above, and select Actions > Agent > Modify Policies on a Single System that I would see that the Policy Assignment Rule had changed the assigned policy. Not only that, but normally when you manually assign a single policy (exactly what the PAR is doing) you can see that inheritance has been broken in the Assigned Policies section of the System Tree.
The systems administrators that will be in charge of these servers will not be ePO Subject Matter Experts. What is the best way to have them verify that policies are being assigned? I cannot find a log or a way to verify that all of my PARs are working as intended, and it is too cumbersome to have them check every server. If it is it not easily checked, I am better off making them assign the policies manually so at least they can tell what the currently assigned policiy is in the System Tree.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.