This content has been marked as final. Show 7 replies
You didn't mention which VS Enterprise version you're using... but as an example, with VS# 8.5i, have you tried ???....opening the VS console, then click on "Tools", then click on the "User Interface Options", then select the "Password Options" tab.. It's possible to select a number of choices, including the "Password Protection For the Selected Items" option which allows you to select specific passworded items, ideally Access Protection.
Hope this helps.
Sorry, I guess I left out some details. We're running VSE 8.5 patch 5 and we deploy via ePO 4.0. I know what section you're talking about, but I didn't realize that the access protection section was related to uninstalling the product.
So if I go and lock down the access protection section, that should prevent people from uninstalling without a password?
I don't think mcafee have this function to prevent uninstalling.
Creat a password for console can only prevent user from changing Vse's setting.
You still can uninstall vse from add/remove program panel easily.
Personally, I advise you use mcafee installation designer to reconfigure vse.You should choose Not display on Add/remove program panel.Then user can't uninstall vse from control panel.
Ok so if I did that, how would our desktop team uninstall VSE if it became necessary to do so? Command line is the obvious answer, but what would stop a user with local admin rights from also uninstalling via command line?
Also, is there any way to prevent the McAfee services from being stopped?
You are right. A user with local admin rights can uninstall vse with some third-part software.
But i would say there is no perfect method to protect it, you can just try best to avoid this happened.
Maybe you are also worrying about the vse's service being stop.
Yes,vse8.5 have function to prevent its services being stopping.But i have a tool can terminate vse easily.
So i would say its self protect is weak.
I know that VSE has the ability to protect processes from being stopped, but I wasn't aware that it had the ability to prevent it's services from being stopped... where do I find those settings?
This is all pretty disappointing. Even a crappy product like Symantec Corporate Edition has the ability to prevent the application from being uninstalled.
I feel disappointing too.
But i suggest you can use epo to manage vse in your environment.
Epo can detect which client's vse doesn't work normaly.Then check in vse to install in that client automatily and silently.