SEP Internals: How to unlock SEP client settings locked down by Central policies

A good example you want to do this is

  1. You a central AV policy that locks down the option “User-defined Exceptions” to restrict your users excluding any of the locations from SEP AV Scanning
  2. However, when you have one of such restricted client affected  by risks you require to research the affecting risk and it’s files but you definitely don’t want to connect this PC to the network to unlock this feature via the central policy. Thus need an option to unlock this setting locally without connecting to the network.

From an exhaustive research on this possibility, I discovered below procedure to achieve this:

  1. Setup a SEP client computer with desired unlocked/locked down settings. For example, with all settings as is to live setup but except the “User-defined Exceptions” setting unlocked.
  2. Copy the "C:Program Files (x86)SymantecSymantec Endpoint Protectionserdef.dat" to the affected machine via removable media
  3. Restart the SMC service

<

p>That’s, you’ll now have the affected SEP client showing up “User-defined Exceptions” option unlocked and you can create exceptions as needed.

Leave a Reply

Your email address will not be published. Required fields are marked *