11-27-2008 07:56 AM
Has any one had any success using the Kill Process Host Checker remediation option?
I’m trying to configure a host check that will kill the Bonjour mDNSResponder.exe process that breaks Network Connect. I’ve set up the host check as normally and selected the Kill Processes option but Host Checker is not killing the process. I have tried having the Host Check set to “Evaluate” and “Require and Enforce” on the realm both without success. The logs show the check is evaluating correctly and when set to “Require and Enforce” access to the realm is blocked. Any ideas what I’m missing?
Running Version 6.1R2-1 (build 13103)
12-08-2008 08:59 AM
Howdy - I am running 63R1-1. Setup a host check to look for notepad process, deny it and to kill it if found. Under Windows XP Pro SP2. I linked the host check to a realm login. Hit the URL with an IE 6 browser and the notepad.exe was killed right away. Also tried accessing the realm through a generic URL that lets you select the realm from the pulldown. The notepad.exe was killed as part of the generic host check even before the login screen was displayed in both cases and my login was successful.
Interestingly enough I then tried it again with W2K client and got different behavior. When specifying the URL that took me directly to the realm login I saw that the notepead.exe was killed but I got the "you do not have permission to login" error message.
Then just for fun I tried it on a second XP Pro SP2 machine and got the same behavior as with the W2K box. Process was killed but login denied. Tried it a second time using the generic URL with the realm pulldown. Process killed and I could access the realm through the pulldown. The second PC was running IE7 versus the first XP and the W2K PC's which were running IE6.
Also then noticed that whenever I restarted the browser, if notepad.exe was running the process was killed, even though my browser default start page was “blank” – so I am guessing that all of this behavior is tied a browser conflict of some type.
Hope this info was of some value.
12-09-2008 04:51 AM