Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - EndPointSecurity Section
  3. Articles

Error: 'Failed to update the protection agent. The control for this agent is restricted' when updating a protection policy ( Only)

Answer

PROBLEM

When trying to update a protection policy of GFI EndPointSecurity the following error is encountered:
 
Failed to update the protection agent.  The control for this agent is restricted.

ENVIRONMENT

  • GFI EndPointSecurity
  • All supported environments

SOLUTION

Solution 1

  1. On the agent computer, open Registry Editor (Start > Run > type regedit)
  2. Check that the following registry key exists and all values are in place:
    • x86: HKEY_LOCAL_MACHINE\SOFTWARE\GFI\EndPointSecurity5\AgentSettings
    • x64: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GFI\EndPointSecurity5\AgentSettings
If any of the keys / values are missing, GFI EndPointSecurity will restrict updates to the agent until the values are set properly. If this issue occurs, it is possible that users have tampered with the agent registry keys.

Solution 2

This error may occur when agent security is enabled, and one of the following occurs:
  • The console was re-installed and agent security has not been enabled or a different password has been specified
  • The agent machine has been added to a different console that has agent security disabled or a different password has been specified
Perform the following steps to address this issue:
  1. Open the GFI EndPointSecurity console and go to Configuration > Options > Advanced Options
  2. Go to the Agent Security tab
  3. Enable agent control and specify the original password that the agent has been deployed with
NOTE: This setting is applies to the all agents added to the console.

Solution 3

If you cannot remember the former password per solution 2:

The agent and its configuration files are very well protected from tampering and cannot be accessed directly in Microsoft Windows.
 
In the C:\Program Files\GFI\EndPointSecurity 6\Data\ directory on the GFI EndPointSecurity server, view toolcfg_advancedsettings.xml in a text editor. You will see a section that looks like this: 
agentPassword="bIaQd!b,dMb(dNb;dMdielkfuidksQd$b,beb(" 
 
On the agent there is a similar file in the C:\Program Files (x86)\GFI\EndPointSecurity 6 Agent\Data\ directory. The difficulty is that this file is protected and you cannot open or edit it. So, you have to get a copy of it by booting from another source and copy it. You can boot to the recovery console (disabling all drivers) or use a Linux Live CD to boot from and copy the file.
 
Then you do the following: 
 
1. Backup the copy that is on the server. 
2. Then edit the original by opening the copy from the agent, copying the above section from the agent file and pasting it in the server's copy. Then deploy the update to the agent.

CAUSE

This error may be encountered for different reasons. Please refer to the solution section above. 
Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted

Comments