search cancel

Error establishing communication with PsExec service, when DLP endpoint agent is running

book

Article ID: 174751

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

You are trying to run a command using the PsExec app (sysinternals) via a command prompt with the DLP endpoint agent installed, but receive the error below. The problem does not appear when the DLP endpoint agent is disabled.

Error message:

 

 

"Error establishing communication with PsExec service on [machinename] :
Access is denied"

 

Environment

PsExec  ver.2.2 or newer (important as the older version can produce a different output in Getappinfo)

Resolution

The psexec.exe application should be whitelisted in the Enforce console

The configuration below resolves the issue - using only the binary name "PsExec\.exe":

 

In ver. 15.5 MP1 whitelisting is not needed, issue does not appear.

Attachments