03-23-2009 05:27 AM - edited 03-09-2019 10:09 PM
Greetings,
I'm deploying the CSA solution in on of our custommers and I'm having some trouble in controlling the installation of third-party softwares.
I tried using these settings:
Windows Rule Module: Block 3rd Installations
System State: Installation Process
Rule:
\Action: Priority Deny
\Programs: <*Installation Programs>
But not: MS Windows Update
\Files: $TEST
|$TEST = @windows, @systemroot, *:\*, c:\**\*, d:\**\*
But this rule isn't working properly. For some reason the CSA Agent won't recognize the Installation Processes as it should, I'm still able to install anything...
I was wondering if anyone that had already configured a rule module like this could help me out here.
Waiting answer!
Thanks in advance, DANIEL COSTA
03-24-2009 11:00 AM
I wish it were as simple as that, unfortunately installation packages in windows are not standardized at all, some installers just copy files and change registry keys, some just copy files, others start windows installer service (msi) and others do something all together different, some of this can be caught, but not completely. Installation Applications class is not used as far as i can tell, at all in csa at the moment. I would suggest removing the users admin privileges as the first step, and then use a deployment tool for installations, instead of unmanaged local installations
03-24-2009 11:05 AM
Sorry, i hadn't looked closely enough at the mass software policy, it seems that Installation Applications is in fact used by windows update processes and mass software deployment tool descendant processes.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide