CB Defense: Errors applying Active Directory security policy via GPO
book
Article ID: 289682
calendar_today
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
- Windows Application logs record event ID 1202 repeatedly
- Active Directory security policy not able to be applied
Environment
- CB Defense Web Console: All Versions
- Microsoft Windows: All Supported Versions
- CB PSC Sensor: 3.4.0.1086 and higher
Cause
The cause of this issue is due to the tamper protection mechanism within the PSC Windows Sensor
Resolution
There are two potential resolutions to this issue:
- Modify the GPO setting to use inheritable permissions when applying the security policy
OR
- Remove the GPO setting to replace inheritable permissions on HKLM\Software
Feedback
thumb_up
Yes
thumb_down
No