Restricted software not working?

cpizanias
Contributor

My organization restricts certain software in Casper (torrenting programs, for example); however, when I added entries for new software to restrict, I am still able to open the programs on my test machine. I'm not sure why the older software restrictions are being enforced but not the ones I added last week. Any thoughts would be appreciated.

1 ACCEPTED SOLUTION

mm2270
Legendary Contributor III

Hmm, ok, so next step will be to see if the restricted software setting made it to your test Mac, but just isn't doing what it's supposed to. You can examine the actual blacklist.xml file to see if the entry is there.
Run this command in Terminal to see the entries in the xml file on your test Mac.

xmllint --format "/Library/Application Support/JAMF/.blacklist.xml"

That should print out a formatted list of the Restricted Software entries. You'll need to scan the results or throw a grep on at the end to look for the item or items you added that aren't getting applied to see if they're in the xml file.
If they are, then you might have to go back and examine your Restricted Software entries to see if perhaps you added them in incorrectly. Like maybe they aren't looking for the right process? Double check the Scope while in it to make sure your test Mac is in scope.

OTOH, if they aren't there, then it means the setting's not getting applied to the Mac at all, despite running the sudo jamf manage command, which should bring it down. That might indicate a management issue with your test Mac, or it could be a problem with your JSS or something.

Another thing, silly, but since I didn't see you mention it, has your test Mac been restarted since you set up the Restricted Software entries?
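
The check described in the answer above, as an added example that is not part of the original post or of Jamf's tooling: it searches the local list for each name you pass and reports which branch of the troubleshooting applies. The function name and output wording are hypothetical; no XML element names are assumed, since the search is a plain case-insensitive text match.

```shell
#!/bin/sh
# Added example: report which restricted process names are present in the
# local Restricted Software list (path taken from the post above).
BLACKLIST="/Library/Application Support/JAMF/.blacklist.xml"

# check_restricted FILE NAME...
# Prints one line per NAME; returns the number of names not found,
# or 255 when FILE cannot be read.
check_restricted() {
    file=$1; shift
    if [ ! -r "$file" ]; then
        echo "cannot read $file" >&2
        return 255
    fi
    # Pretty-print when xmllint is available; fall back to the raw text.
    if command -v xmllint >/dev/null 2>&1; then
        text=$(xmllint --format "$file" 2>/dev/null) || text=$(cat "$file")
    else
        text=$(cat "$file")
    fi
    missing=0
    for name in "$@"; do
        # -F: fixed string, -i: ignore case, --: names may start with '-'
        if printf '%s\n' "$text" | grep -qiF -- "$name"; then
            echo "PRESENT  $name  -> delivered; recheck process name and scope"
        else
            echo "MISSING  $name  -> not delivered; check management / JSS"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Usage (names are placeholders): sh check_restricted.sh "ExampleApp.app"
if [ "$#" -gt 0 ]; then
    check_restricted "$BLACKLIST" "$@"
fi
```

A substring match can report PRESENT for a name that is only part of a longer entry, so confirm the exact process name in the formatted output.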


8 REPLIES

mm2270
Legendary Contributor III

Hi, you may want to read through some older threads on the topic of Restricted Software and troubleshooting. Here's one that may have an answer for you: https://jamfnation.jamfsoftware.com/discussion.html?id=17919

cpizanias
Contributor

@mm2270 I tried what was suggested in those posts, restarted mysql and tomcat, did a sudo jamf manage and it's still not enforcing the new entries I added under restricted software. The advice at "Restricted Applications not getting restricted" didn't help either.

cpizanias
Contributor

@mm2270 Totally not silly. Yes it's been restarted. The applications are being listed in the blacklist file properly. The scope is set to all computers. Process name seems correct. It's just like it's choosing to not enforce it for whatever reason. Screenshot attached.

tomt
Valued Contributor

Creating a restriction for Sierra and everything works as expected after the target machine restarts. Wondering if anyone knows if there is a way to restart a process so that the restrictions are picked up without restarting the machine? My users rarely restart.

plawrence
Contributor II

@tomt Try running a 'jamf manage' after updating your restrictions

donmontalvo
Esteemed Contributor III

Just curious if the last_management_framework_change_id key in /Library/Preferences/com.jamfsoftware.jamf.plist on affected computers matches the same key on computers that are not affected? Refer to this thread.

--
https://donmontalvo.com

tomt
Valued Contributor

@plawrence Running a test now on a machine that has not yet been rebooted. The restriction worked as expected. Maybe I was hasty in my previous message?

@donmontalvo I have two test machines on my desk and both have the same key (32727). One I have rebooted a few times since yesterday and the other has been on but not rebooted since last week.

Thanks,
Tom