haco 0 Posted January 12, 2016 Share Posted January 12, 2016 Hello, I have deployed era 6 on a new server by import from era5. Now I have the strange behaviour that a lot of the settings on the clients seem te bo locked (see attachment). That makes it impossible to add f.e. firewall rules on some clients locally. Is there somebody who can help me out on this? I'm having difficulties finding my way around the new era. Link to comment Share on other sites More sharing options...
jimwillsher 64 Posted January 12, 2016 Share Posted January 12, 2016 Find one of your client computers in the ERA 6 console and look at the applied policies - policies may be applied to individual computers or to computer groups. Then for each polocy that's applied, have a look at the settings in that policy. Jim Link to comment Share on other sites More sharing options...
haco 0 Posted January 14, 2016 Author Share Posted January 14, 2016 Thank you for your reply. The only applied policy is the policy that was imported from ERA5. Is there a setting to lock applied settings or so in this new version? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,538 Posted January 14, 2016 Administrators Share Posted January 14, 2016 Thank you for your reply. The only applied policy is the policy that was imported from ERA5. Is there a setting to lock applied settings or so in this new version? Settings defined in a policy are automatically locked on clients. Those that are not defined (ie. have no Apply nor Force flag) can be modified on clients. Link to comment Share on other sites More sharing options...
ESET Staff MartinK 375 Posted January 14, 2016 ESET Staff Share Posted January 14, 2016 Thank you for your reply. The only applied policy is the policy that was imported from ERA5. Is there a setting to lock applied settings or so in this new version? All "applied" settings are automatically locked and there is no way how to disable this functionality. Lock will be removed once policy is no longer assigned to this specific client (remove policy, or remove association between policy and client). Link to comment Share on other sites More sharing options...
haco 0 Posted January 14, 2016 Author Share Posted January 14, 2016 Thanks for the insightfull answers. So If I understand correctly, as soon as I deploy a policy with some firewall rules in to a client, that client is NOT able to add ANY firewall rule anymore? Link to comment Share on other sites More sharing options...
haco 0 Posted January 15, 2016 Author Share Posted January 15, 2016 Just confirmed the above.I made a policy with only one firewall rule added. Setting this renders the client unable to add any firewall rule at all. Is this by design or a bug? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,538 Posted January 15, 2016 Administrators Share Posted January 15, 2016 It's by design. A policy is a set of settings and rules that are applied on clients. If a user was able to modify settings set by an administrator, it wouldn't make sense to use policies. Link to comment Share on other sites More sharing options...
Recommended Posts