search cancel

PIM-Question about setting path when changing Interception dword value

book

Article ID: 203536

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

This is what I know when setting disable.

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\services\drveng
if it doesn't exist
Add "DisableNetworkInterception" as REG_DWORD in Parameters key if it doesn't exist and set 1 to the value

"DisableProcessInterception"=dword:1
"DisableRegistryInterception"=dword:1
"DisableFileInterception"=dword:1

This is an additional question.
1. Do you set FileInterception, Registryinterception, ProcessInterception in the same path?

Environment

Release : 12.8

Component : CA ControlMinder

Resolution

Please see:

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-identity-manager/12-8-01/reference/the-ca-controlminder-registry/additional-registry-keys.html

The registry keys you asked about should be located in the registry here:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drveng\Parameters\DisableFileInterception
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drveng\Parameters\DisableNetworkInterception
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drveng\Parameters\DisableProcessInterception
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drveng\Parameters\DisableRegistryInterception