• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8241
  • Last Modified:

Mcafee Common Framework folder loses permissions

Our company has recently went to Least User Privileges (users are not in local Admin group of their computer).  When a user logs in they get an error message that "The feature you are trying to use is on a network resource that is unavailable". The file it is trying to find is MFEAgent.msi which is in the c:\Docs and Settings\All Users\App Data\Mcafee\Common Framework folder. After giving the users group execute permissions to this folder this error message will go away. The odd thing is every so often (may be after mcafee updates) some of the computers will have this error message reoccur and when the permissions on the folder is checked they have been removed. What would cause this?
0
michaliv
Asked:
michaliv
  • 2
1 Solution
 
acmpCommented:
first off I'd give the uers full access to their profiles, ie read & execute.  

Do yo use roaming profiles?  it could be that the permissions are not roaming properly and you may need to make the changes at both the local PC and the network roaming profile storage location.

My last thought is that the agent msi file has restrictive permissions on it in your repository and this is being copied to the client PC's.  Check your users have read & execute access to the files in your repository.
0
 
michalivAuthor Commented:
We do not user roaming profiles. Users do have read and execute permissions for their profile. The file that it looks for is in the All Users profile under Application Data\Mcafee\Common Framework. The Common Framework folder is the folder that is losing permissions. All other folders are keeping their assigned permissions. This folder keeps defaulting to give Administrators and SYTEM full control and the everyone group read permissions. We set the domain users' group to have read and execute permissions, but it removes these permissions. Any other ideas?
0
 
acmpCommented:
How are the permissions on the repository?  These files are copied from the repository by the agent so may be taking the permissions with them.  I'd suggest giving Authenticated Users (or domain users) read and execute access there.

Also does the problem affect 'new' PCs that have been set up after the change to Least User Privileges?  if it does then it may be worth removing a problem PC and re-adding it to the AV system to see if it sorts it out.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now