Considerations with 3rd Party Anti-Virus and Threat Detection & Prevention solutions and Authlogics Authentication Server

Some 3rd party Anti-Virus and Threat Detection & Prevention solutions prevent non-approved applications from accessing local system resources. This can prevent Authlogics Authentication Server from installing or functioning correctly.

Issues can include:

  • The installation program may fail to start after initially extracting files.
  • Authlogics services failing to access database files or write to log files.
  • Components are not able to connect to the Windows services.
  • Services are unable to access certificates in the Windows Certificate Store.

Furthermore, some of these issues can appear to be intermittent.

In these situations, the Anti-Virus / Threat Detection and Prevention solution will need to be configured to allow Authlogics Authentication Server to function correctly. Issues are most commonly found with the following vendors' products, however this is not an exhaustive list:

  • McAfee
  • Symantec

Configuring Exceptions in 3rd party solution

The following is a list of the Executable, DLL and .NET Framework Library files created and utilised by Authlogics Authentication Server v4.x and will need to be "excluded" by the Anti-Virus or "white-listed" by the Anti-Virus or Threat Prevention & Detection solution:

Folders

The following folder and its sub folders:

  • C:\Program Files\Authlogics Authentication Server\

Executable code and processes

Executable code and processes located within C:\Program Files\Authlogics Authentication Server\ folder:

  • AuthenticationServerService.exe
  • AuthNPS.dll

Executable code / processes located within C:\Windows\System32\ folder:

  • AuthRad.dll

Executable code / processes located within Authlogics folders within the Global Assembly Cache (C:\Windows\Microsoft.NET\assembly\GAC_MSIL):

  • Authlogics
  • Authlogics.ActiveDirectory
  • Authlogics.Core
  • Authlogics.PasswordPolicy
  • Authlogics.Providers.ActiveDirectory

.NET Framework 4.8 libraries

  • System
  • System.Core
  • System.Configuration
  • System.Configuration.Install
  • System.Data
  • System.Data.DataSetExtensions
  • System.Deployment
  • System.DirectoryServices
  • System.DirectoryServices.AccountManagement
  • System.DirectoryServices.Protocols
  • System.Drawing
  • System.EnterpriseServices
  • System.Management
  • System.RunTime.Serialization
  • System.Security
  • System.ServiceModel
  • System.ServiceProcess
  • System.Web
  • System.Web.Extensions
  • System.Web.Services
  • System.Windows.Forms
  • System.Xml
  • System.Xml.Linq

Certificate Store

Some Anti-Virus or Threat Detection and Prevention solutions can also limit which applications and processes can access certificate stores. Authlogics Authentication Server requires access to the workstation's Local Computer Certificate store and must be given access.

Windows Defender Data Execution Prevention (DEP)

Windows Defender DEP may erroneously prevent the Authlogics Authentication Server installation program from functioning correctly. Windows Defender DEP is disabled by default on Windows Server, however if it has been enabled an exclusion may be required for the Authlogics installer to function. As DEP technology includes signature updates the behaviour may not always be consistent and installation may succeed even when DEP is enabled.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.