Has anyone had any luck with deploying policies? Installed EPO 4.5 with Sql 2005 express--> when ever i try to deploy a policy i get an error message that reads "violation of unique key constraints 'IX_EPOPolicyObjects_TypenameserverID' " i have created the system tree, deployed agents to my servers, allowed policy sharing, assigned a policy to my system tree group, created a task called "policy share" and when i try to deploy even the default policy (that has been allowed to be shared) i get the above error. We are evaluating this product before we purchase it and so far i am very disappointed with the documentation--there should be a step by step set up guide, i should not have to look all over the website using the videos and the documents to try and figure out how to set this thing up. we may be moving on to symantec's HIPs product soon--the support guides are not helping at all. so any ideas with this error message?
Can I ask exactly what you're trying to achieve? The reason is that the server task that you mention is intended for sharing policies between multiple ePO servers, and I get the feeling that's not your environment...
Thank you for your post! Yes you are right i do not have multiple EPO servers in our environment---grrreat. so i guess i am not the wrong track and dont need to do the policy share from the server tasks hmmm.
what i want to do is deploy a policy to our managed server in adaptive mode and then retain the rules...im going to go try that piece of it again and get back with you. Before when i tried this nothing happened and there were no rules to retain, nothing was happening --- thats when i went onto the server sharing thinking that was the answer. thanks again for your post!
In a nutshell, what you should be doing is:
1) Create a policy object with the settings you want (presumably a hips policy)
2) Assign that policy object to the group (or individual machine) that you want to obey this policy
3) Wait for the machines to communicate with the server to collect the policy (or send a wakeup call if you don't want to wait )
Hello Joe i created the policy, assigned the policy to the group and placed it in adaptive mode, and then sent a wakeup call to my agents. Where can i view the adaptive rules its creating for me? i checked the box that says "retain rules" but where can i view the rules it creates??? thank you, megan
According to my colleagues who know lots more about HIPs than me, the rules generated on the clients are passedback to ePO and then converted so that they become available in the policy catalog. You can query for the rules that have been created using the Client Rule queries as well.
I have created a policy running in adaptive mode through the EPO and pushed it out to my servers which have the agent running on it. While in adaptive mode new rules should be recorded and are supposed to show up under menu>reporting>hostIPs correct?????? the problem is: no rules are showing up or being logged where are the rules that are supposed to be logged? i have verifed that logging is enabled on the agents, communication is allowed back to the EPO, windows firewall is off, i watch the logs on the agent running on the managed server and can see the policy being deployed to the agent on the server---everything looks good---so why are no rules being logged while in adaptive mode? any ideas???
By default only the rules from computers in the group you have selected on the left of the HIPS reporting page are displayed and the group it defaults to is My Organization which typically contains no computers. Either select This group an all subgroups in the filter drop down list or navigate to the group that contains the computer you generated the events on.
Thank you for the reply back. I have tried This group an all subgroups when my organization is highlighted and also when my subgroup is selected i still see nothing in the Menu>Reports>HostIPS section looking at the application rules tab. Any other ideas????