Setup guide
McAfee ePO
Advanced Suite Installer Product Guide
McAfee ePO
Advanced Suite Installer Page 31
Configure the Share Names and Permissions
Configuration of the folders on Windows 2008 Server for Device Control requires specific security
settings.
Configuring the Evidence folder
1 Right-click the evidence folder and select Properties.
2 Select the Sharing tab, then click Advanced Sharing. Select the Share this folder.
3 Modify the Share name to evidence$.
NOTE: The $ ensures that the share is hidden.
4 Click Permissions. With the default user name Everyone selected, allow Full Control, and then click
OK.
5 Select the Security tab, and then click Advanced.
6 On the Permissions tab, click Change Permissions, and then deselect the Include inheritable
permissions from the object's parent option.
7 A confirmation message explains the effect this change will have on the folder. Click Remove. The
Permissions tab on the Advanced Security Settings dialog box now shows all permissions eliminated.
8 Click Add to select an object type.
9 In the Enter the object name to select text box, type Domain Computers, then click OK.
The Permission Entry dialog box is displayed.
10 In the Allow column, select
Create Files/Write Data and Create Folders/Append Data. Verify
that the Apply to option says This folder, subfolders and files, then click OK.
The Advanced Security Settings dialog box now includes Domain Computers.
11 Click Add again to select an object type.
12 In the Enter the object name to select text box, type Domain Admins (or another security group if
desired), then click OK to display the Permission Entry dialog box.
13 In the Allow column, select Create Files/Write Data and Create Folders/Append Data. Verify
that the Apply to option says This folder, subfolders and files, then click OK.
The Advanced Security Settings dialog box now includes Domain Admins.
14 Click OK, OK, and then Close on the remaining dialog boxes.
Configuring the Whitelist folder
1 Right-click the whitelist folder and select Properties.
2 Select the Sharing tab, then click Advanced Sharing. Select the Share this folder.
3 Modify the Share name to whitelist$, and click OK.
NOTE: The $ ensures that the share is hidden.
4 Click Permissions. With the default user name Everyone selected, allow Full Control, and then click
OK.
5 Select the Security tab, and then click Advanced.
6 On the Permissions tab, click Change Permissions, and then deselect the Include inheritable
permissions from the object's parent option.
7 A confirmation message explains the effect this change will have on the folder. Click Remove. The
Permissions tab on the Advanced Security Settings dialog box now shows all permissions eliminated.
8 Click Add to select an object type.
9 In the Enter the object name to select text box, type Domain Computers, then click OK.
The Permission Entry dialog box is displayed.
10 In the Allow column, select
List Folder/Read Data. Verify that the Apply to option says This
folder, subfolders and files, then click OK.
The Advanced Security Settings dialog box now includes Domain Computers.
11 Click Add again to select an object type.
12 In the Enter the object name to select text box, type Domain Admins (or another security group if
desired), then click OK to display the Permission Entry dialog box.