Overview
A protection policy has been configured and the agent has been deployed to the client machines but users still have full access to all devices and nothing is blocked.
Environment
- EndPointSecurity
- All Supported Environments
Root Cause
This issue can occur for several reasons, please check the resolution section below.
Resolution
Solution #1
- Check if the client machines were created from an image that had the EndPointSecurity agent already installed.
- This is not supported and to resolve the issue, uninstall all agents via the console and deploy the agents once again.
Solution #2
- Verify that the agent is not running in freeware mode, as this means that only monitoring is possible but no devices are controlled.
- Agent licensing works independently of the server, and when evaluating EndPointSecurity the console might display that the there are still a number of days left until it expires.
- However, if the agent was previously running on a client machine, the evaluation period still expires and running in freeware mode.
- To verify if the agent is running in freeware mode, open the agent log file and search for the following:
"info ","AgentEsecService"," freeware mode license."
and further down:
"info ","DevicesController"," policy guid: 70600f38-caaa-43fd-b2b0-89158bc11cd0"
"info ","DevicesController"," read controlled categories:"
"info ","DevicesController"," enabled categories: 0,1,2,3,4,5,6,7,9,"
"info ","DevicesController"," read controlled ports:"
"info ","DevicesController"," enabled ports: 0,1,2,3,4,5,6,7,"
"info ","DevicesController"," Set Freeware Mode."