McAfee is blocking computer GPO from being applied

Posted on 2009-04-27
Last Modified: 2013-11-16
McAfee Total Protection for Small Business (TOPSB) is blocking AD computer policies from being applied.  It appears as if the Mcafee firewall is blocking all communications until the computer is fully booted and all the Mcafee services are started.  This is a problem because some policies are only applicable to the computer settings.  How can I get the GPO to apply without removing Mcafee? Mcafee has been little to no help (as usual).  Any suggestions?
Question by:PlazaProp
    LVL 51

    Expert Comment

    It may simply be an exclusion to Ping (icmp) that needs to be added to the client firewall - this is how the computers determine if they can apply group policy.

    LVL 1

    Author Comment

    Unfortunately the Mcafee firewall does not have the ability to customize ICMP or UDP traffic, just TCP.  I think they may have updated the fiewall engine last yesterday and the policies may now be applying. I will have to do some more testing.  But I wlll keep in mind the ping thing and see if the computers that are applying the  policies can be pinged or not.  
    LVL 51

    Expert Comment

    LVL 1

    Accepted Solution

    Well, Mcafee was never a help.  Initially at the start of this issue I had tried to uninstall the Mcafee software and re-install and that did not fix the issue.  However, something must have changed in the firewall product and now after a firewall removal and re-install GPO's now apply.  Since the firewall software is installed and updated directly from Mcafee, I really have no control over the updates and versioning.  I am not happy with Mcafee, I have lost many hours on this issue.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now