There are multiple ways that Tamper Protection can be disabled or weakened. Global Settings can be overridden by per-Policy settings, which can be overridden by per-Agent settings. To determine which combination of settings may be interfering with Tamper Protection:
- Log in to the Console and navigate to /support.php > Advanced Configuration:
- Verify Enable Agent Uninstall is unchecked.
- Verify Disable Tamper Protection is unchecked.
- Open a command prompt and issue the following commands to check for weakened Tamper Protection:
cd "C:\Program Files (x86)\Bit9\Parity Agent"
dascli password GlobalPassword
dascli configprops filter *allow_u*
- If allow_uninstall=1 is returned:
- Verify the Enable Agent Uninstall option is unchecked in Step 1.
- Verify an existing Agent Config for allow_uninstall=1 does not exist.
- If allow_upgrade=1 is returned:
- Issue the following commands to check for disabled Tamper Protection:
dascli password GlobalPassword
dascli configprops filter *disable_self*
- If disable_self_protect=1 is returned:
- After completing any/all changes, verify the Agent shows as Connected & Up to Date in Assets > Computers.
If the issue persists please open a case with Support and provide the
Agent Historical Logs from a machine.