The user needs to log off for the policy removal to take effect. Can you log off the user and then check?
But Log off method doesnt apply while adding the policy,why does it apply for removing policy??
I tried what you said & it really works for the first time but when i tried the same scenario again it doesnt work & also we are not able to remove the setup that we copied for installation on the server.
Do you have an idea
Please provide exact steps followed for this statement:
"I tried what you said & it really works for the first time but when i tried the same scenario again it doesnt work & also we are not able to remove the setup that we copied for installation on the server."
One one of the Windows server 2008,I have installed Application control 6.1.3 & solidified
it.I copied two exe files putty.exe & Filezilla.exe & tried to install
it,it doesnt allow me bcoz of application control thats fine.So,for testing purpose I
added a user in trusted user list and then tried to run application & it runs,thats fine.
Again I removed the user from trusted list & tried to run application,it allows me to run
so with the help of your update I log off & then login & user not able to run application
so it works accordingly.
So,when I tried the above scenarion again & log off the user & then login still the user
able to run the application which it shouldnt be.Also,user is not able to delete those
two files which i copied on the server for testing purpose,it seems that those two files are solidified.
I log in from another user & tries to delete those two files but not able to do so.
Incase,if you have any further query, please feel free to ask.
This can only happen if those application got added to whitelist when they were run last time.
Please try and run a completely new set of application in the same session and verify.
You may need to check why the applications got added to whitelist. They may have been updated by an updater to get to the whitelist.
You can check for the File_Solidfied events for this.
Thanks for your update!!!
I dont know how the application got added to the whitelist.No problem,I will try it with other application.
Meanwhile,let me know where I need to check for file_solidifed events,
Check inside the SolidCore Events tab.
Thanks for your suggestions!!
I had already checked solidcore events tab,I thought Neelima was tallking about some other events thats why asked for the same
You can search for the file name and FILE_Solidified events through Advanced Filters. I have created a video on how to do this.
Let me know if this helps or if there are other areas we can add video for.