This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

application control show success, but does not block

Hi All

    My ZCM version is 2020U1, and Ineed create a endpoint application control policy to block application.

I create a testing policy to block notepad.exe and mspaint.exe with Global Policy (All location), I assign to workstation.

001.png002.png

it show apply success...but I run the notepad &mspaint...it always run well.

 

Which step that I mistake or incorrect ??

 

Thanks!!

 

Wencheng

Tags:

  • 0

    https://www.novell.com/documentation/zenworks-2020-update-1/zen_es_policies/data/b11iozil.html

    NOTE: Application controls are not enforced on files in the %WINDIR% and %ZENworks_HOME% directories.

    mspaint and notepad are both fall under %WINDIR%.

  • 0   in reply to 

    And the reason is to avoid a case where policy settings block the proper operation of the OS, possibly unable to boot or unable to operate enough to remove a policy that was accidentally overly restrictive.

    --

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

    Be sure to "Like" My (and a few others) Cool Solutions below! 

    https://community.microfocus.com/members/craigdwilson/bookmarks

  • 0 in reply to 

    Hi

     I build another ZCM 2020 for compare...it create the same application control policy (Global policy for ALL location, so not location issue ) to some agent (WIn7SP1 x32/win10 1809/win10 2004)....

    win7SP1 x32  and win10 2004 could block mspainit and notepad as screenshot.

    c05.pngc06.png But Win10 1809 could not block any file...

     

    I also provide the application  export xml file as attach file,

    applicationControlPolicy.zip
  • 0 in reply to 

    Hi All

         I ZCM2020 (for compare my issue lab), upgrade to 2020U1 and upgrade agent to 2020u1 version...

    Win7x32 Sp1 still show a windows error message unable access mspaint..

    c05.png

    but windows 10 (2004) it could not unable access mspaint..but no above error message occur.

     

    So my original ZCM2020U1 (which install SLES and use external CA) indeed has some problem to block application.

     

    Wencheng

  • 0 in reply to 

    Hi All

         Icompare my both ZCM2020 lab (issue lab is 2020U1 which use SLES server and external CA ; another lab use applicance and use internal CA),

           My ZCM2020 applicance's application control policy seem could apply well and indeed block application (Location is not reason and the policy indeed block mspaint and notepad). I try to upgrade zcm2020 appliance to 2020U1...its function still block application well.

           so base on compare result. My issue lab indeed has some problem , it show apply well , but unable block application.

     

         Wencheng

  • 0 in reply to 

    At this point, I'd probably recommend opening a case. As with documentation, it doesn't seem like you should be able to block mspaint or notepad. This might be a defect that needs to be investigated further with development's involvement.