What Symantec DLP activities required a local or domain administrator account.
Article ID: 184801
Updated On:
Products
Issue/Introduction
What Symantec DLP activities required a local or domain administrator account.
Resolution
On the Endpoint system to run any of the following DLP Agent tools:
- AttributeQueryResolver.exe
- DeviceID.exe
- GetAppInfo.exe
- logdump.exe
- service_shutdown.exe
- vontu_sqlite3.exe
- uninstall_agent64.bat / uninstall_agent.bat
- Running the Clean Agent tool for problematic agent removal cases
Any activities that involve installation on any system with DLP software (Enforce / Detection Server / Endpoint Agent) would require Administrative privileges for the following:
- Installing
- Reinstalling
- Uninstalling
- Upgrade
Modification of any configuration files in the DLP installation folders.
To run Sqlplus or the AdminPasswordReset utility on the Enforce server (see the Admin guide for details).
To run our Symdiag tool on occasion for troubleshooting purposes to collect data either from the server or endpoint systems (See Collect data for support cases with Symantec Diagnostic Tool (SymDiag)).
Additional Information
For sudo or root permissions for enforce/detection servers, the same activities that require local or administrator account, also require root/sudo access. See Below:
Any activities that involve installation on any system with DLP software (Enforce / Detection Server / Endpoint Agent) would require sudo/root privileges for the following:
- Installing
- Reinstalling
- Uninstalling
- Upgrade
Modification of any configuration files in the DLP installation folders.
To run Sqlplus or the AdminPasswordReset utility on the Enforce server (see the Admin guide for details).
To run our Symdiag tool on occasion for troubleshooting purposes to collect data either from the server or endpoint systems (See Collect data for support cases with Symantec Diagnostic Tool (SymDiag)).
Feedback
