Jump to content

User Policies not Restricting Users

Recommended Posts

Hello, I'm using EEC on a Domain (Server 2012r2)

In Policies I have used the "Add network" function to add all of my domain computers and deployed to all of them (All of the computers had Emsisoft already but not managed by EEC so I used the "deploy" feature to connect them)

Also in Policies tab, I used the "Add domain" function to add all of the domain users, which were detected and added as xxx.local\username.

I then added all of the users to either the pre-existing Administrators group or Users group depending on which permissions I wanted the particular users to have.

I also added computers to appropriate groups and set a password in Computer Policies for those computer groups.

So far so good...

But when I open Emsisoft on one of the workstations using a restricted user, no restrictions appear to have any affect. I am able to modify any of the settings at will without being blocked or prompted for a password or anything. No affect.

To further confuse, I can see in the "Clients" tab that the "User Permissions" column does show the correct user group. And another thing: I can see that the computer policy settings I configured are, in fact, being pushed to the Emsisoft clients, including the password protection. I can also confirm that the user permissions are being pushed down because when I go to the Permissions tab in Emsisoft Settings, check "Use domain users" and drop down to the user I'm currently logged in as, it shows nothing checked in the "Allowed actions" box, as it should. I should mention that the drop-down shows the user as XXX\USER rather than XXX.local\USER like it shows in EEC.

I don't understand why this is happening. Am I doing something wrong, or is there a bug? Any help is appreciated.

2017-01-29 15_29_17.png

2017-01-29 15_35_18.png

2017-01-29 15_43_31.png

2017-01-29 15_44_34.png

Link to comment
Share on other sites

Hi Caretechit,

Thanks for your feedback:

There are some basic things about permissions to be understood:

1) permissions are not applied to local admins.
2) View main Window and Quarantine Detected objects should always be left enabled, like the default setting.

However in the current beta and upcoming stable release of EAM and EEC, we have drastically simplified permissions to:

1. No access
2. Read-only access
3. Basic access (default for non-admins)
4. Full access (default for admins)

Permissions are applied to local admins (password has to be set) and user accounts.

I suggest to wait until we released EEC stable so that we can help you setup the new permissions system (if still required)



Link to comment
Share on other sites

Hi Frank,

Thank you for the quick and comprehensive response. It sounds like the new version does what I need. 2 question topics for you so I can plan:

1. What is the ETA for the new stable version? (I understand it's an estimate, just trying to get an idea)

2. If it will be a while, the beta might be fine. Where may I find the beta? And can I upgrade my current config to the beta, or would I uninstall the current version entirely in order to install the beta?

Thanks again, and have a great day.

Link to comment
Share on other sites

Hi caretechit,

1) Beta's usually are released around the 21st of every months and stable released usually are release every end of the month. http://changeblog.emsisoft.com

2) you can update EAM and EEC to beta by switching to the beta update feed:

- EAM: settings / Updates -> select update feed 'beta' and perform an update.

- EEC: Settings  / Options -> Select update feed 'beta' and perform an update.


Link to comment
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...