How to allow access to files that received a Scan Error verdict by Protection Engine.
search cancel

How to allow access to files that received a Scan Error verdict by Protection Engine.

book

Article ID: 177622

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection for SharePoint Servers Protection Engine for NAS

Issue/Introduction

How to allow access to files that received a Scan Error verdict by Symantec Protection Engine (SPE).

Symptoms
Unable to access or release files for use because Protection Engine is returning a scan error.

 

Cause

Some files may not be able to be scanned by SPE for various reasons resulting in scan errors being reported to the client application which denies access to the file.

Resolution

Enable Allow Access On Scan Error, this will prevent SPE from reporting that there was an Error to the client. To enable this,

For SPE prior to 7.5.0:

  1. Stop the SPE process.
  2. Using the command line, if using Windows use a Command Prompt, and change directories to the SPE Engine install directory.
  3. Run the command "java -jar xmlmodifier.jar -s /configuration/protocol/AllowAccessOnScanError/@value true configuration.xml".
  4. Start the SPE process.

Note: The java command above assumes java is available in the environmental "PATH" variable and able to be run from the cmd.exe regardless of location. It may be necessary to use the full path to the java binary if it is not in the PATH. ("c:\program files\java\jre6\bin\java -jar xmlmodifier.jar -s /configuration/protocol/AllowAccessOnScanError/@value true configuration.xml")
 

For SPE 7.5.0 to 7.8.1:

  1. Stop the SPE process.
  2. Using the command line, if using Windows use a Command Prompt, and change directories to the SPE install directory.
  3. Run the command "xmlmodifier.exe -s /configuration/protocol/AllowAccessOnScanError/@value true configuration.xml".
  4. Start the SPE process.

For SPE 7.9.x and newer:

  1. Stop the SPE process.
  2. Using the command line, if using Windows use a Command Prompt, and change directories to the SPE install directory.
  3. Run the command "XMLModifier.exe -s /policies/ThreatPolicies/Actions/AllowAccessOnScanError/@value "true" policy.xml".
  4. Start the SPE process.