Troubleshooting Trusted Directory Approvals

Article ID: 369235

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Steps to troubleshoot issues with Trusted Directory Approvals.

Environment

  • App Control Agent: All Supported Versions
  • App Control Server: All Supported Versions

Resolution

Reminder: Trusted Directory approvals are not sent to Agents immediately upon activation of the directory or addition of files. There are three conditions that cause a Trusted Directory Approval to be sent to endpoints:

  • Blocked Files: If the Server has a record of a file being blocked on any endpoint, and that file is later approved via Trusted Directory, the Server sends the Approvals to the Agents immediately.
  • Execution Attempts: If a user attempts to execute an instance of a file approved by Trusted Directory on a computer connected to the Server, the Server allows the Agent to run the file immediately and sends the Approval to other Agents.
  • Installers: If a file approved by Trusted Directory is identified as an Installer, the Server begins sending the Approval to the Agents immediately.

  1. Verify the details of the Trusted Directory in: Rules > Software Rules > Directories:
    • Computer Name should not be grey for the relevant Trusted Directory; if it is, the Agent is currently Disconnected.
    • Path should still exist on the relevant endpoint.
      • Do not create multiple Trusted Directories for the same path.
      • Paths must have correct directory delimiters and characters for the relevant Operating System.
      • Case sensitivity is determined by the Operating System.
      • Paths should not include Removable Drives, as the drive letter may change and Removable Drives are not re-scanned when removed/re-attached.
    • Status should not be red (Inaccessible); if it is, the Agent or the folder might have been deleted.
    • If Agent is connected, path exists, and is accessible: continue.
  2. Click View Details on the relevant Trusted Directory.
    • Status should be Enabled.
    • Policies should match expected Policies.
    • Progress is an indicator of Crawl Jobs.
      • Each folder is a Crawl Job, and each archive is a Crawl Job.
      • One folder with 3 archives is 4 Crawl Jobs.
      • The Progress field is cumulative and the numbers do not reset.
      • The Progress numbers might actually increase, even if files have not been added.
  3. From the endpoint hosting the Trusted Directory:
    1. Use a command prompt to authenticate with the Agent:
      cd "C:\Program Files (x86)\Bit9\Parity Agent\"
      dascli password GlobalPassword
    2. Verify the relevant file shows as Crawlable using the crawlinfo command, example:
      dascli crawlinfo "D:\TrustedDirectory\GlobalInstallFile.exe"
    3. Check for current Crawl Jobs to verify the file is not actively being Crawled:
      dascli crawljobs
    4. If the Agent is not actively crawling the relevant file, and it shows as Crawlable, an On Demand Crawl may be issued with the dascli crawlfile command, example:
      dascli crawlfile "D:\TrustedDirectory\GlobalInstallFile.exe"
  4. In the Console, navigate to Reports > Events:
    1. Change the Saved View to: (none)
    2. Click Show Filters > Add filters:
      • Source > is: relevant Trusted Directory Agent
      • Subtype > is: Trusted Directory scan
      • Subtype > is: Trusted Directory import
      • Subtype > is: File approval created
    3. Set the Max Age accordingly.
    4. Export to CSV & review for errors.
  5. Attempt to execute the file on the endpoint hosting the Trusted Directory.
    • If a user attempts to execute an instance of a file Approved via Trusted Directory, the Server allows the Agent to run the file immediately and sends the Approval to the other Agents.
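The following PowerShell script is an added example (not from this article or from Carbon Black) that runs the on-endpoint checks from Steps 1 and 3 in one pass. It assumes the default Agent install path quoted in Step 3; the file path and Global Password are parameters you supply.

```powershell
# Added example, not Carbon Black code: on-endpoint Trusted Directory checks (Steps 1 and 3).
# Assumes the default Agent install path from the article and a Windows endpoint.
param(
    [Parameter(Mandatory = $true)][string]$TrustedFile,     # e.g. D:\TrustedDirectory\GlobalInstallFile.exe
    [Parameter(Mandatory = $true)][string]$GlobalPassword,  # the Agent Global Password
    [switch]$Crawl   # only issue an On Demand Crawl when explicitly requested
)

$AgentDir = 'C:\Program Files (x86)\Bit9\Parity Agent'

# Step 1: the path must still exist on this endpoint.
if (-not (Test-Path -LiteralPath $TrustedFile)) {
    throw "File not found on this endpoint: $TrustedFile"
}

# Step 1: Removable drives should not host a Trusted Directory (drive letters change and
# the directory is not re-scanned on re-attach). Win32_LogicalDisk DriveType 2 = Removable Disk.
$drive = Split-Path -Qualifier $TrustedFile
$disk  = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$drive'"
if ($disk -and $disk.DriveType -eq 2) {
    Write-Warning "$drive is a removable drive; Trusted Directory approvals are unreliable here."
}

Push-Location $AgentDir
try {
    # Step 3.1: authenticate with the Agent.
    & .\dascli password $GlobalPassword

    # Step 3.2: confirm the file shows as Crawlable.
    Write-Host '--- crawlinfo ---'
    & .\dascli crawlinfo $TrustedFile

    # Step 3.3: list current Crawl Jobs; a job covering this file means it is still being crawled.
    Write-Host '--- crawljobs ---'
    & .\dascli crawljobs

    # Step 3.4: only when asked, and only after confirming the file is Crawlable and not in a
    # current Crawl Job, issue an On Demand Crawl.
    if ($Crawl) {
        Write-Host '--- crawlfile ---'
        & .\dascli crawlfile $TrustedFile
    }
}
finally {
    Pop-Location
}
```

Run it first without -Crawl, review the crawlinfo and crawljobs output, then re-run with -Crawl if the file is Crawlable and not being crawled.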

If the issue persists, open a case with Support and provide:

  • Screenshot from the Console > Rules > Software Rules > Directories > relevant Trusted Directory
  • The CSV generated during Step 4
  • Agent Historical Logs
  • Relevant file information:
    • Full file path & name
    • File size
    • Date & time file added to the Trusted Directory

Additional Information

  • Trusted Directories on Linux and macOS:
    • Agents do not crawl subfolders of Trusted Directories.
    • Agents do not crawl the contents of archive files (zip, tar, etc.).
    • Files added to a Trusted Directory for a macOS or Linux Agent must be placed directly in the specified Trusted Directory and expanded manually.
  • Trusted Directory Approvals are not removed when:
    • Files are deleted from the Trusted Directory.
    • The Trusted Directory is disabled or deleted in the Console.