Jump to content

Policy to allow selected users to disable real-time


Phil Dye
 Share

Recommended Posts

I'm struggling to work out how to define a policy to allow a specific group of users (who I can identify OK with a dynamic group) to disable real-time file system protection, where it's enabled at a higher policy level.

At a high-group in the tree I assign a default "Antivirus - balanced" policy, which enables real-time file system protection, but if I create a deeper policy, then I can't seem to "set" it with a value that allows users to disable it; only that I can enforce it to be enabled or disabled.

Am I approaching this wrong?

Link to comment
Share on other sites

  • Administrators

You would need to have a group of these users and with a policy assigned that has the "Start Real-time file system protection automatically" enabled but it cannot have a flag to be applied or enforced by the policy.

Only users with administrator rights can manually disable real-time protection if not set by a policy.

Link to comment
Share on other sites

But if I don't set it to be applied or enforced, then the policy is not set at all? (the tooltip shows "setting is not set", and there's no (1) lozenge against the category tree).

Capture.PNG

Link to comment
Share on other sites

  • Administrators

You have basically 2 options:

1, Enable override mode in a policy that is applied on endpoints. You can select users from AD who will be able to override the policy and pause protection or change other settings.

2, Create a new group with the privileged users in it and a policy which will not have the above mentioned setting set by a policy bounded to this group. These users will be able to pause protection without using override mode provided that they have administrator privileges.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...