Allow Endpoint Protection services to be configured Back up the Windows registryīefore you begin this procedure, back up the Windows registry. When the Administrator account is enabled, log on using that account. To enable the Administrator account, see Enable and Disable the Built-in Administrator Account (Microsoft). The Administrator account on Windows must be used to remove Symantec Endpoint Protection. If an entry does not exist, move on to the next one. Not all files, folders, registry keys, or registry values may be present on the computer. Manual uninstall of SEP should only be attempted as a last resort if traditional removal by Add or Remove Programs fails. We recommended that you use Add or Remove Programs when uninstalling Symantec software before starting this process. The manual removal process can disable other Symantec products that are installed on the computer. Remove Endpoint Protection files and folders.Restore default Windows network settings.Remove Endpoint Protection from the registry.Remove the Teefer driver (may not be present).Allow Endpoint Protection services to be configured.So my question is: How can I force the SEPM to send down a policy that disables (unchecks) the Tamper Protect box? I know that I can switch to server control mode for a couple hours and the setting will be sent down to all online clients.but that seems like a kludgy way to do things and only gets the online clients.
The problem is this, we run in "Mixed Mode" and every time a new client comes out (MP2 in this case) and is pushed down from our SEPM, Tamper Protect gets re-enabled or if it's a new install, tamper protect is enable by default. Tamper Protect seems to conflict with our two factor authentication software and unfortunately.upgrading the two factor software is not an option. We have an issue with SEP (and SAV for that matter) assisting in a BSOD with a stop 50 error if "Tamper Protect" is enabled when a machine is rebooted.
0 kommentar(er)
