![]() ![]() And for the life of me I cannot find what security-forsaken application is trying to run, because the one that shows up as blocked in the event log is already whitelisted six ways from Sunday. So we tried allowing each individual executable by name, with no folder location restriction, but that's STILL not good enough. (Full whitelisted path is "C:\Users\%username%\AppData\Local\Microsoft\SkypeForBusinessPlugin\" meaning any application in that folder or any subfolder thereof would be allowed.) But that doesn't solve the problem. We know the directory where it installs, and allowed the entire directory, with the %username% variable. ![]() Second, once the plugin is installed, and once we make sure the user is opening a browser that allows the third-party plugin, it still gets blocked by policy. Because every host seems to have their own installer, hosted on their own server, and they always insist on installing THEIR web app. Instead, we save the installer to a special directory, so that the users can install it under their accounts. We can't just blanket allow the installer from any location, since that's a disaster waiting to happen.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |