Carbon Black Cloud: How to Configure GPO to Allow Sensor Upgrades
search cancel

Carbon Black Cloud: How to Configure GPO to Allow Sensor Upgrades

book

Article ID: 289769

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Configure GPO to allow future sensor upgrades upgrades from GPO, Console, SCCM, manual, etc... 

Environment

  • Carbon Black Cloud: All Versions
  • Microsoft Windows: All Supported Versions
  • Initial deployment via GPO

Resolution

Disconnect Sensors from the Group Policy
  1. Select Start > Administrative Tools > Group Policy Management > and select the Group Policy Object (GPO)
  2. In your GPO select Computer Configuration > Policies > Software Settings > Software Installation
  3. Right-click the Cb Defense Sensor package
  4. Select All Tasks > Remove...
  5. Select Allow users to continue to use the software but prevent new installations
    User-added image
  6. Click OK

Additional Information

  • Selecting "Allow users to continue to use the software but prevent new installations" will remove the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt\{CB Defense GUID} registry key without uninstalling the current version of the sensor. This allows future sensor upgrades from GPO, Console, SCCM, manual, etc... 
  • To confirm the registry key is removed by going to regedit, going to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\AppMgmt, and search for CB Defense, PSC Sensor, or Carbon Black Cloud If no results are found, the key is removed.
  • CB Defense Sensor 3.2.x.x introduced additional checks prior to upgrade to verify that sensors initially installed via GPO are configured by GPO to allow the updates to be pushed from the Cloud or installed manually. CB Defense: Unable to upgrade to Sensor 3.2+ (GPO) (https://community.carbonblack.com/t5/Knowledge-Base/Cb-Defense-Unable-to-upgrade-to-Sensor-3-2-GPO/ta-p/48614)