1 Reply Latest reply on Aug 4, 2010 3:57 AM by Stoo85

    Windows 7 Custom Access Protection rules failure

      Hi there,

      I have a bit of a problem and I'm wondering if anyone can help.  I'm running VSE8.7.0i, patch 3 and the latest DAT's and Engine.  I have set up a number of user defined rules in access protection policies to prevent the student in my school running files from a number of locations.  I am blocking all processes the the folder/file name "h:\**\*.bat"  This stops users creating batch files from their home area.  I have an almost identical one for their destop, removable drives (E:/F:) and a couple of other places.  This has been running fine for years on my XP machines however I recently purchased some Win 7 Machines and hit a problem.  I noticed initally when I suddenly lost all my network drives. A little research showed this in the access protection log.

       

      03/08/2010 14:10:43 Blocked by Access Protection rule  <domain>\<user> C:\Windows\system32\userinit.exe \Device\Mup\<servername>l\netlogon\lginscrpt.bat User-defined Rules:BAT From H Action blocked : Read
      03/08/2010 14:12:55 Blocked by Access Protection rule  NT AUTHORITY\SYSTEM C:\Windows\system32\gpscript.exe \Device\Mup\<domain>\SysVol\Domain>\scripts\PhotoStory.bat User-defined Rules:BAT From H Action blocked : Read

       

      Now for some reason the rule is blocking access.  If I disable the rule then the next similar rule will block the file. If I disable all the rules then the batch file works. The thing is that this works on XP machines, I also cannot see how this location has violated the rule condtition.  If I exclude those two processes then the flie is still blocked but the process is changed to cmd.exe which I didn't want to exclude as I want to make sure I stop the pupils running the batch files (rather than just gamling they are all run under the explorer process when in windows.

       

      Anyone had anything similar or any ideas?