08-27-2015 01:25 PM - edited 03-10-2019 11:00 PM
I am testing the Launch Program Remediation feature without success.
Sometimes Anyconnect (4.1.04011) shows a message indicating the file that has been requested could not be launched either because it could not be found or there is a problem launching it.
I had tried launching easy things like calc.exe or cmd.exe ... My final goal is to launch the AV signatureupdate but anything appears to work.
Thanks in advance.
08-27-2015 02:09 PM
What AV are you suing, is your AV not supported by the built in AV policies, since you are using launch program remediation?
08-27-2015 04:43 PM
I'm using System Center Endpoint Protection (Microsoft). The idea is remediate a computer that has been off the network by several days. As the posture rule requires the definition file to not be more tan 1 day older that the latest file date, the computer would be no compliant.
I like to launch the signature update as soon the anyconnect identifies the no compliant condition and not wait until the System Center Server updates by itself which can be after several minutes.
The only way I had seen this feature working is when the computer user has administrative privileges which is not true for most of the users.
08-27-2015 05:44 PM
I don't know anything about system center endpoint protection...is it what was called forefront before or ?
My experience is that when you try to launch something it will either launch as the SYSTEM user, if you are not administrator, and as the logged-in use if you are administrator. This has caused me some issues when testing posture. I would advise using the sysinternals process monitor and watch what acposture.exe/iseposture.exe is doing to find out what is going wrong.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide