Just for testing, in the features policy check the box for Bypass Package control.
I had a similar issue with my offload scan servers "MOVE" when scanning .msi files. Was advised by support to select Bypass Package control. It cleared the issue.
From what I understand this does not make you less safe since what this is doing is allowing something other that msiexec to manipulate an .msi file.
Thank you so much for your kind response. Your suggestion solved the issue, so now we can proceed with our tests.
Have a nice day.
Do you know which specific SCCM exes need to be made updaters in order for Application Control to work properly with SCCM?
I see these files but don't know which is the correct one to select as the updater.
Any help will be greatly appreciated.
Ccm32BitLauncher.exe ccmdump.exe CcmEval.exe CcmExec.exe ccmrepair.exe CcmRestart.exe CMHttpsReadiness.exe OSDBitLocker.exe OSDBitLocker_wtg.exe OSDDiskPart.exe OSDDownloadContent.exe OSDJoin.exe OsdMigrateUserState.exe OSDNetSettings.exe OSDPrepareOS.exe OSDPrepareSmsClient.exe OSDPrestartCheck.exe OSDRunPowerShellScript.exe OSDSetDynamicVariables.exe OSDSetupWindows.exe OSDSmpClient.exe OSDUpgradeOS.exe OSDWinSettings.exe SCClient.exe SCNotification.exe SCToastNotification.exe ShellExecuteMSStore.exe smsappinstall.exe smsboot.exe smsnetuse.exe smsswd.exe tsenv.exe TSInstallSWUpdate.exe TSManager.exe TSMBootstrap.exe TsProgressUI.exe UpdateTrustedSites.exe VAppCollector.exe VAppLauncher.exe