tbsky 8 Posted November 26, 2019 Share Posted November 26, 2019 Hi: I tried to use all-in-one installer made by ESMC to upgrade endpoint 6.4 client. the all-in-one installer include a minimal policy with only password set. I assume the minimal policy will brings endpoint client to its default. it is true for new computers. but for some old computers, after upgrade with all-in-one installer, I found the "potentially unwanted" and "potentially unsafe" are enabled. so it seems some old policy brings to new after upgrade. if I uninstall endpoint and reinstall again, then everything is normal. so I wonder I still need force many default policy like ERA 6.x? I found the sentence below at document, but I don't understand what it means. I was thinking client will use default if not apply: Important ESET security products version 7: Not apply flag turns individual policy settings to the default state on client computers. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted November 26, 2019 ESET Staff Share Posted November 26, 2019 The policy works in the way, that only if the setting has "apply flag" it will be actually applied on the client. Meaning, if you have set just the setting for password protection, all of the other settings will remain as before, meaning if the 6.4 was configured somehow, the settings will retain as that is how the old configuration of client is interpreted. I will ask our QA department to verify this behavior, as it´s meant to work in a way that when you remove the particular setting (change "apply" to "not apply") it will return the previous settings back to the state "before the policy was applied". Link to comment Share on other sites More sharing options...
tbsky 8 Posted November 26, 2019 Author Share Posted November 26, 2019 1 hour ago, MichalJ said: The policy works in the way, that only if the setting has "apply flag" it will be actually applied on the client. Meaning, if you have set just the setting for password protection, all of the other settings will remain as before, meaning if the 6.4 was configured somehow, the settings will retain as that is how the old configuration of client is interpreted. I will ask our QA department to verify this behavior, as it´s meant to work in a way that when you remove the particular setting (change "apply" to "not apply") it will return the previous settings back to the state "before the policy was applied". thanks a lot!! the document warns behavior change between 6.x and 7.x about "not apply" flag. but I don't understand what is it. so wait and learn from your confirm. Link to comment Share on other sites More sharing options...
tbsky 8 Posted November 30, 2019 Author Share Posted November 30, 2019 On 11/26/2019 at 6:30 PM, MichalJ said: I will ask our QA department to verify this behavior, as it´s meant to work in a way that when you remove the particular setting (change "apply" to "not apply") it will return the previous settings back to the state "before the policy was applied". any update for this? I don't see difference between 6.x and 7.1 "not apply" policy. I wish to understand what I missed. Link to comment Share on other sites More sharing options...
Recommended Posts