Environment
- App Control: All Supported Versions
- Microsoft SQL Server: All Supported Versions
Symptoms
- Systems unable to start due to a rule blocking action
- End-users seeing mass blocks
- Previously approved software is now blocked
Cause
A bad or unsatisfactory block rule was created or modified
Resolution
If the App Control Server/Database is down:
- Boot server(s) into safe mode
- Go to Start > Run > services.msc
- Set App Control agent service to disabled
- Start Windows normally
- Open an admin CMD promt
- Run command:
fltmc unload paritydriver
- Remove the offending rule in the next section, then pick up again on step 8 of "correcting agents" section
Removing the offending rule:
- Login to the App Control console
- Determine which rule is causing the block:
- Disable the offending rule.
- Navigate to Assets > Computers
- Confirm agents match "Current CL Version" for the server
Options to correct agents that are unable to boot or receive configlist updates:
- Uninstall/Reinstall the agent
- Update the CL of Effected Machines:
- Boot effected machines(s) into safe mode
- Go to Start > Run > services.msc
- Set CB Protection agent service to disabled
- Start Windows normally
- Open an admin CMD promt
- Run command:
fltmc unload paritydriver
- Go to Start > Run > services.msc
- Set App Control agent service to automatic startup
- Start App Control agent service
- In command prompt, run commands:
cd c:\program files (x86)\bit9\parity agent
dascli status
Under "Server Information", wait for confliglist line to say <CLINumber> of <CLINumber> 100% (or higher than value found in "Removing the Rule" )
- Restart Device
- Confirm device is checking back into CB Console
Additional Notes
- Uninstalling/reinstalling agents will cause them to go through initialization. Please refer to user guide
Related Content