cancel
Showing results for 
Search instead for 
Did you mean: 

VSE Access Protection Rules Reverted to Default

I've got a Windows 2003 SP2 Server with VSE8.0i, Patch 16, Engine 5300 and ePO Agent 3.6.0.574. I've edited the Access Protection Rule to allow a 3rd party mail client to send out emails from this server. However, upon rebooting, the customisation is reverted back to original. I've checked the ePO Server and am please to note that policies relating to VSE8.0i are not enforced on this particular server.

Anyone able to tell me if I missed out anything? Anyone can help me with this problem?
Tags (1)
11 Replies
pg13
Level 9
Report Inappropriate Content
Message 2 of 12

RE: VSE Access Protection Rules Reverted to Default

In ePO, modify your rule. Then send a wake-up call to push the policies. After that, run cmdagent /E to see if the modified rule is still applied.

RE: VSE Access Protection Rules Reverted to Default

I supposed I've forgotten to add that the server in question is not inheriting its Access Protection Rule from the ePO Server. In fact, all our servers do not get their policies from ePO at all even though they are reporting to the ePO Server and obtaining updates from it.

In this case, I've edited the Rule locally to allow a 3rd party email client to send emails out but after a server reboot, the rule reverts back to default (which disallows the 3rd party client).

Anyone knows the reason? As for the fix, I'd be enforcing the rule with the 3rd party app allowed just for this machine....

RE: VSE Access Protection Rules Reverted to Default

 

I supposed I've forgotten to add that the server in question is not inheriting its Access Protection Rule from the ePO Server. In fact, all our servers do not get their policies from ePO at all even though they are reporting to the ePO Server and obtaining updates from it.



Why on earth not ? - ePO allows different server policy settings from workstations....:confused:

RE: VSE Access Protection Rules Reverted to Default

Apparently, my boss decided that she wants the individual system administrators to customise their own rules on 'client' end rather than have me central customise the rules.

I know this sounds silly but since my boss says so, can I refute it?

RE: VSE Access Protection Rules Reverted to Default



Crazy IMO - I'm guessing that you only have a few servers - economies of scale on centralised management of server policies and visibility and enforcement of Company Security Policies are the "usual" sort of things used to "sell" the ePO approach - don't really understand the mindset that think it's "good" for PC's but "bad" for servers - but "Hey Ho" Smiley Wink

Jim

RE: VSE Access Protection Rules Reverted to Default

You're wrong, we have at least 40-50 windows servers alone!

RE: VSE Access Protection Rules Reverted to Default

anyone can help?

RE: VSE Access Protection Rules Reverted to Default



40-50 counts as not many to me (500-600) Smiley Wink
- but still more effective to manage centrally IMO...

...regarding the problem - it still sound slike the policy is being enforced - have you tried changing a policy item on the server policy and seeing if it appears at the client end ?

Jim

RE: VSE Access Protection Rules Reverted to Default


well, no matter 50 or 500, i'm all for central management. however, as i mentioned earlier, my boss had other ideas...

regarding the problem, i've checked and ensure that no doubts the server-group had been assigned policies, it's status was indicated as 'not enforcing'. as such, my understanding would have been that the policies assigned to the servers are not being enforced at all at the 'client-end'.

am i right to assume this?