[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread Miller Bonnie L.
+1, we're doing pretty much exactly what Jim describes as well for valid software exceptions. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kennedy, Jim Sent: Monday, April 10, 2017 7:56 AM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] RE:

Re: [NTSysADM] Running exe from APPDATA..TEMP directory

2017-04-10 Thread Micheal Espinola Jr
Absolutely not. That is extremely lazy programming. Many of us have similar GPOs for antivirus purposes. -- Espi On Mon, Apr 10, 2017 at 7:25 AM, David McSpadden wrote: > Have a vendor that want so run his app from the APPDATA..TEMP directory. > > I have a GPO that denied

[NTSysADM] Running exe from APPDATA..TEMP directory

2017-04-10 Thread David McSpadden
Have a vendor that want so run his app from the APPDATA..TEMP directory. I have a GPO that denied .exe from running there or subfolders of there. Any reason I should allow this? I have the exact folder and program name but it's opening up an exception to my rule?? Any thoughts? David McSpadden

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread Damien Solodow
Point and laugh at the vendor and tell him to try again? DAMIEN SOLODOW IT Engineering Lead 317.447.6033 (office) HARRISON COLLEGE From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden Sent: Monday, April 10, 2017 10:25 AM To:

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread Kennedy, Jim
That is very common, and creating exceptions for that directory is to be expected. For example all the webcast/conference software like WebEx use that directory. I am assuming you are using Applocker. Hopefully the vendor signed their exe with a cert. Most do these days. So create a

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread David McSpadden
I have approval to do that. But wanted to be certain from others outside of my office that I am thinking correctly. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Damien Solodow Sent: Monday, April 10, 2017 10:33 AM To: ntsysadm@lists.myitforum.com

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread David McSpadden
I'll have to see. Other admin in the department trying to get the exception approved for ditto.exe (Screen sharing software). All I can find it bad installs and corrupt files in GoogleFu. I am thinking I will be asking from them to get other software that doesn't have such a bad track record.

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread Kennedy, Jim
There are two Ditto's. One is a toolbar that seems to fit your description. The other is an enhancement to clipboard and seems legit. So yea, exceptions of course have to be for valid software. I don't have a problem doing it if it is valid software. That's my job, make it usable and safe. A