159
Prevent DNSFilter from being removed with a password to remove application
under review
Activity
Newest
Oldest
Mikey Pruitt
Mikey Pruitt
Hi Pandya, thanks for the feedback. It's difficult to prevent admin users on a device from performing admin level tasks like uninstalling software. It's been done but not without deep connections into the operating system which are potential security vulnerabilities.
There is already a request to password protect uninstall of the roaming client so I will merge your request there.
Thank you again for taking the time to provide your feedback.
Patrick
While the below method is helpful this would only apply in a traditional AD environment. Nearly all security software and filtering tools have an uninstall password. Also, if it is a personal device you may want to allow the user to remove and provide the password but this is not easy if you do not add it into the control panel programs and features.
Mikey Pruitt
Hello voters, thanks for all the feedback so far on the topic of preventing removal of our software. To help a bit, we have a new article in our knowledge base outlining some methods that can be utilized to reduce the likelihood of removal. The section is titled "Preventing Circumvention in the Windows Roaming Client". We hope you find it helpful while we look further into a password option.
Jean-Pierre
This request still being Investigated, would be a great addition to DNS Filters feature set.
Mihir
You can use ARPSYSTEMCOMPONENT=1 switch when doing an install and it will hide it from the Control Panel (appwiz.cpl) and I think there is also another switch for hiding the DNS Filter tray icon as well.
Mikey Pruitt
under review
We are reviewing what is possible to implement an uninstall password. The only solutions we've seen that prevent device administrator accounts from uninstalling involve kernal hacking.
There is a solution already if you are using Active Directory and our Windows Roaming Client using group policies. We are creating documentation to assist with this setup now.
Joe Jones
Mikey Pruitt: I would think there would be a way as every Anti-virus I have every managed has this ability. Of course there are always ways around it.
Mikey Pruitt
Joe Jones: Yes, Anti-virus software is what we've been researching. Thanks for posting. We will continue to update you on what we learn.
Reginald
Mikey Pruitt: i do not have AD on this network as i have a mix of operating systems
Faisal
Mikey Pruitt: Any update on this
Mikey Pruitt
Faisal: No solid updates yet but we are still investigating.
Mikey Pruitt
Isaac
Isaac
There's an option for command line install to not put it in the uninstall list. Not perfect but would prevent the average user from removing it. I also have a script that runs regularly from RMM to reinstall it if missing and notify me. Password would be nice though.
Load More
→