+1, we're doing pretty much exactly what Jim describes as well for valid
software exceptions.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Kennedy, Jim
Sent: Monday, April 10, 2017 7:56 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE:
Absolutely not. That is extremely lazy programming. Many of us have
similar GPOs for antivirus purposes.
--
Espi
On Mon, Apr 10, 2017 at 7:25 AM, David McSpadden wrote:
> Have a vendor that want so run his app from the APPDATA..TEMP directory.
>
> I have a GPO that denied
Have a vendor that want so run his app from the APPDATA..TEMP directory.
I have a GPO that denied .exe from running there or subfolders of there.
Any reason I should allow this?
I have the exact folder and program name but it's opening up an exception to my
rule??
Any thoughts?
David McSpadden
Point and laugh at the vendor and tell him to try again?
DAMIEN SOLODOW
IT Engineering Lead
317.447.6033 (office)
HARRISON COLLEGE
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of David McSpadden
Sent: Monday, April 10, 2017 10:25 AM
To:
That is very common, and creating exceptions for that directory is to be
expected. For example all the webcast/conference software like WebEx use that
directory. I am assuming you are using Applocker. Hopefully the vendor signed
their exe with a cert. Most do these days. So create a
I have approval to do that.
But wanted to be certain from others outside of my office that I am thinking
correctly.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Damien Solodow
Sent: Monday, April 10, 2017 10:33 AM
To: ntsysadm@lists.myitforum.com
I'll have to see. Other admin in the department trying to get the exception
approved for ditto.exe (Screen sharing software).
All I can find it bad installs and corrupt files in GoogleFu.
I am thinking I will be asking from them to get other software that doesn't
have such a bad track record.
There are two Ditto's. One is a toolbar that seems to fit your description.
The other is an enhancement to clipboard and seems legit. So yea, exceptions of
course have to be for valid software. I don't have a problem doing it if it is
valid software. That's my job, make it usable and safe. A
8 matches
Mail list logo