Does the upgrade of a Server to a Domain Controller Automatically create the necessary exception for the Active Directory ?

book

Article ID: 177887

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Does the upgrade of a Server to a Domain Controller Automatically create the necessary exception for the Domain Controller ?

Symptoms
SEP is installed on a server. Now the server is promoted as a Domain Controller will it detect Active Directory on the client computer, and automatically create the exclusions?


Cause

When SEP is installed initially , The client monitors the applications that are installed on the client computer. If the software detects Active Directory on the client computer, the software automatically creates the exclusions.

Resolution

SEP will not detect automatically if the Server is promoted as Domain Controller.

When SEP is installed initially , The client monitors the applications that are installed on the client computer. If the software detects Active Directory on the client computer, the software automatically creates the exclusions.


You have to either uninstall and reinstall the SEP client or create the exclusion manually .



Technical Information
Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller]
"HaveExceptionFiles"=dword:00000001
"HaveExceptionDirs"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller\FileExceptions]
"C:\\WINDOWS\\NTDS\\EDB.chk"=dword:00000000
"C:\\WINDOWS\\NTDS\\edb.log"=dword:00000000
"C:\\WINDOWS\\NTDS\\edb00001.log"=dword:00000000
"C:\\WINDOWS\\NTDS\\edb00002.log"=dword:00000000
"C:\\WINDOWS\\NTDS\\edb00003.log"=dword:00000000
"C:\\WINDOWS\\NTDS\\ntds.dit"=dword:00000000
"C:\\WINDOWS\\NTDS\\RES1.log"=dword:00000000
"C:\\WINDOWS\\NTDS\\RES2.log"=dword:00000000
"C:\\WINDOWS\\NTDS\\TEMP.edb"=dword:00000000
"C:\\WINDOWS\\ntfrs\\jet\\log\\edb.log"=dword:00000000
"C:\\WINDOWS\\ntfrs\\jet\\log\\res1.log"=dword:00000000
"C:\\WINDOWS\\ntfrs\\jet\\log\\res2.log"=dword:00000000
"C:\\WINDOWS\\ntfrs\\jet\\Ntfrs.jdb"=dword:00000000
"C:\\WINDOWS\\ntfrs\\jet\\sys\\edb.chk"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Exclusions\Domain Controller\NoScanDir]
"C:\\WINDOWS\\SYSVOL"=dword:00000000
"c:\\windows\\sysvol\\domain\\DO_NOT_REMOVE_NtFrs_PreInstall_Directory"=dword:00000001
"c:\\windows\\sysvol\\staging"=dword:00000001
"C:\\WINDOWS\\SYSVOL\\staging areas"=dword:00000001
"C:\\WINDOWS\\SYSVOL\\sysvol"=dword:00000001