CB Defense: Errors applying Active Directory security policy via GPO
search cancel

CB Defense: Errors applying Active Directory security policy via GPO

book

Article ID: 289682

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

  • Windows Application logs record event ID 1202 repeatedly¬†
  • Active Directory security policy not able to be applied

Environment

  • CB Defense Web Console: All Versions
  • Microsoft Windows: All Supported Versions
  • CB PSC Sensor: 3.4.0.1086 and higher

Cause

The cause of this issue is due to the tamper protection mechanism within the PSC Windows Sensor

Resolution

There are two potential resolutions to this issue:
  • Modify the GPO setting to use inheritable permissions when applying the security policy
OR
  • Remove the GPO setting¬†to replace inheritable permissions on HKLM\Software