The trick in disabling OAS at the pc is to launch the VSE console & disable the "Access Protection" first. Once this has been disabled (right click, disable); you should be able to do the same to "On-Access Scanner" after a couple seconds.
This is assuming that the administrators have access to unlock the console if required
That is not what I am trying to accomplish. The users currently can do as you note above, but the policy will reset (turn back on) the on-access scanner with in a few seconds. What I am hoping to do is give "Administrators" the ability walk up to the computer, and while still logged on as the user, disable on-access scanner durning the install process. And then enable the on-access scanner after the install completes.
I don't think this is permissions related. When logged on as an administrator, I can go into the console and disable access protection in the VSE console, and it will automatically turn itself back on sometimes. Kinda frustrating when trying to submit a MER or do something that requires access protection to be turned off.
Yes, it will be re-enabled because you are making changes locally and at every policy enforcement (default is 5 minutes), poilcies from ePO will be enforced to client machine.
I will not suggest you to disable any of McAfee components while running the MER tool orelease MER log will not have correct info.
For example: You have disabled VSE AP while running the MER tool so in MER log, it will show that AP is disabled which is not true.
hi you could always disable Mcshield service . But you have to change to manual and then to stop it. i hope this helps
I believe this is what you are looking for.
Assumption: you are logged-on on with an admin credential
Open CMD prompt and type "net stop mcafeeframework" but do not hit <enter> yet.
Open VSE console then highlight "Access Protection" and click STOP (red square in toolbar) or right-click -> Disable.
Immediately go back to the command prompt window and hit <enter>. -> Allow time for the framework service to stop. (If you get an access denied error, try stopping Access Protection again and then try stopping the framework service again. Timing is crucial on this. If you wait too long or get unlucky the framework service may re-enable Access Protection in between the steps).
Go back to the VSE console and highlight the On-Access Scanner and click stop or right-click -> "Disable".
OAS is now disabled and will remain that way until you start the framework service and allow time for policy enforcement or reboot the machine.
Hope this helps.
Don't think that this will work because the user is a Local Admin of the computer, but not a Domain and/or McAfee Administrator. I will give it a try and let you know what happens.