App Control:“Resend All Policy Rules” Does Not Fully Replace Configlist
Article ID: 287029
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
- After performing "Resend All Policy Rules" on an Agent, the Agent still has some old policy rules and meters in place.
Environment
- App Control Server: All Supported Versions
- App Control Agent: All Supported Versions
- Microsoft Windows: All Supported Versions
Cause
- Not all of the old policies and meters on the Agent(s) were successfully purged and updated
Resolution
From the Console:
- Navigate to https://<Servername>/shepherd_config.php
- Find property "EnableConfigListFullImport" (8.5 and prior agent versions check additional notes)
- Set property to "true"
- Re-send policy rules on affected device(s)
- https://community.carbonblack.com/t5/Knowledge-Base/Cb-Protection-How-to-resend-policy-rules-to-an-agent/ta-p/63241
- Obtain a copy of configlist.xml from the servers install directory
- (Default location is C:\Program Files (x86)\Bit9\ParityServer\configxml)
- Open an admin CMD prompt
- Run commands:
CD C:\Program Files (x86)\Bit9\Parity Agent dascli password <cli-password> dascli importconfiglist <Path>configlist.xml full now
Additional Information
- Shepherd Config EnableConfigListFullImport is not working as expected in 8.5 and prior agent versions, the issue is resolved in 8.6 and 8.7 Agent Version
- If the device shows a status of "Red" or "Reboot Required":
- Navigate to Assets> Computers
- Find the device in question and go into it's "computer details"
- Navigate to Advanced > Other Actions > Restart Service (this will clear the reboot warning)
- The "full" and "now" switches used in the importconfiglist command will clean out all the config and policy information from the agent and update it immediately from the provided file
- Achieve this by reinstalling the agent, this will cause the agent to reinitialize however
Feedback
Yes
No
Powered by
