Description of Issue
The server agent will not come online or will not install on a Server or Workstation that has ThreatLocker Threat Protection
Cause
The issue affects customers that use ThreatLocker as their security endpoint product on their Active Directory servers where the agent is installed. Threatlocker detects the Quickpass process as an unidentified process and it blocks it from running.
Resolution
- The solution is to add a white list entry in ThreatLocker for the Quickpass program files path of C:\Program Files\Quickpass Software (and subfolders)
C:\ProgramData\Quickpass Software
And whitelist if possible the service:- You can also whitelist the signature file for the installation file
- You can also whitelist the signature file for the installation file
- ThreatLocker has a policy called “RunDLL - Block Internet (Ringfenced)” which is by default applied to each workstation and server group. This policy needs to be updated to allow the FQDN in the INTERNET ringfencing.
- See this KB on what IPs and FQDN/DNS entries to unblock.
https://support.getquickpass.com/hc/en-us/articles/4402712146711-Firewall-Port-Exceptions-IP-Whitelisting-for-Agent-and-API-Communication
- See this KB on what IPs and FQDN/DNS entries to unblock.
Comments
0 comments
Please sign in to leave a comment.