cancel
Showing results for 
Search instead for 
Did you mean: 
stickman
Level 12

policy not replicating in epo

Hi there guys,

Hope you guys can help with this one. New exclusions have been added in the On-Access Default Processes Policies but its not replicating to the agents. Think this might be because of database connection errors but not sure myself. Found the following line in the orion log:

2013-03-08 07:55:55,114 WARN  [http-50505-Processor21] element.QueryDashboardElementFactory  - Cannot create dashboard element with query. Reason: user not authorized to access table PAAuditBenchmarkResultView

Full logs attached.

Regards,

Stephan

Message was edited by: sgriesel on 3/8/13 7:21:19 AM CST

Message was edited by: sgriesel on 3/8/13 7:32:43 AM CST
0 Kudos
4 Replies
jenkinski
Level 9

Re: policy not replicating in epo

Stephan,

The error you mention won't have anything to do with On-Access policies. The noted error would only have a potential effect on Policy Auditor.

There are too many variables to know for sure. But if you're agent is communicating correctly (which it appears to be), there's probably an inheritance issue foobar. Or what many people forget to do is select 'Server' or 'Workstation' in the policy modifications.

Sometimes the simple answers are the ones we forget about! BTW of course make sure your Apache (ePO Server) is running... that controls agent server comms but isn't necessary for logins and policy mods.

-KJ

Message was edited by: jenkinski on 3/8/13 6:02:23 PM CST

Message was edited by: jenkinski on 3/8/13 6:03:05 PM CST
0 Kudos
stickman
Level 12

Re: policy not replicating in epo

Hi Jenkinski,

Thank you for your reply.

I double checked the "server" modification and it is selected:

exclusionpolicy.JPG

Also checked the Apache service running, all looks good:

exclusionpolicy2.JPG

0 Kudos
jenkinski
Level 9

Re: policy not replicating in epo

Perhaps a little more details as to why you believe it is not replicating. What is being blocked/scanned? The assumptions are:

The systems are communicating

The systems don't have broken inheritance

You are 'over writing client rules'

The processes tab for default says to use 'one policy for all processes'

It is in fact a VSE on-access block and not a HIPS, Artemis or firewall block

0 Kudos
stickman
Level 12

Re: policy not replicating in epo

I added few exclusions to test, please see image above to

The following files are being excluded on the Exchange machine to scan:

c:\stephan\*

c:\stephan\test\*.*

c:\stephan\test2\*.*

I logged onto the Exchange server, opened the "On Access Scan Properties" and the exclusion number in brackets not increasing. See image below.

EXLUSIONS.JPG

The policy im using was duplicated from original exchange policy to test and does not inherit.

0 Kudos