7 Replies Latest reply on Jul 1, 2008 11:47 AM by wske

    Password protecting for uninstall?

      Just wondering if it's possible to password protect the uninstall functionality from Add/Remove programs? We have many users that have local admin rights to their machines, and some of these users are uninstalling the client and/or shutting down services to get around McAfee. I know that you could require a password to uninstall Symantec and that's really all I wanting here.
        • 1. RE: Password protecting for uninstall?
          You didn't mention which VS Enterprise version you're using... but as an example, with VS# 8.5i, have you tried ???....opening the VS console, then click on "Tools", then click on the "User Interface Options", then select the "Password Options" tab.. It's possible to select a number of choices, including the "Password Protection For the Selected Items" option which allows you to select specific passworded items, ideally Access Protection.

          Hope this helps.

          Grif
          • 2. RE: Password protecting for uninstall?
            Sorry, I guess I left out some details. We're running VSE 8.5 patch 5 and we deploy via ePO 4.0. I know what section you're talking about, but I didn't realize that the access protection section was related to uninstalling the product.

            So if I go and lock down the access protection section, that should prevent people from uninstalling without a password?
            • 3. RE: Password protecting for uninstall?
              I don't think mcafee have this function to prevent uninstalling.
              Creat a password for console can only prevent user from changing Vse's setting.
              You still can uninstall vse from add/remove program panel easily.
              Personally, I advise you use mcafee installation designer to reconfigure vse.You should choose Not display on Add/remove program panel.Then user can't uninstall vse from control panel.
              • 4. RE: Password protecting for uninstall?


                Ok so if I did that, how would our desktop team uninstall VSE if it became necessary to do so? Command line is the obvious answer, but what would stop a user with local admin rights from also uninstalling via command line?

                Also, is there any way to prevent the McAfee services from being stopped?
                • 5. RE: Password protecting for uninstall?
                  You are right. A user with local admin rights can uninstall vse with some third-part software.
                  But i would say there is no perfect method to protect it, you can just try best to avoid this happened.
                  Maybe you are also worrying about the vse's service being stop.
                  Yes,vse8.5 have function to prevent its services being stopping.But i have a tool can terminate vse easily.
                  So i would say its self protect is weak.
                  • 6. RE: Password protecting for uninstall?


                    I know that VSE has the ability to protect processes from being stopped, but I wasn't aware that it had the ability to prevent it's services from being stopped... where do I find those settings?

                    This is all pretty disappointing. Even a crappy product like Symantec Corporate Edition has the ability to prevent the application from being uninstalled.
                    • 7. RE: Password protecting for uninstall?
                      I feel disappointing too.
                      But i suggest you can use epo to manage vse in your environment.
                      Epo can detect which client's vse doesn't work normaly.Then check in vse to install in that client automatily and silently.