Release NotesKnown IssuesGeneral Known Issues › Windows Endpoint Known Issues

Previous Topic: General Known Issues

Next Topic: UNIX Endpoint Known Issues

Windows Endpoint Known Issues

This section describes known issues for CA Access Control for Windows.

Audit Filter in CA Access Control Endpoint Management Causes Performance Degradation

Applying a filter on the audit records in CA Access Control Endpoint Management may lead to performance degradation if CA Access Control Endpoint Management cannot find the specified records.

For example, if you defined the audit records filter to display the last 100 related records of a specific FILE resource and the audit file contains less than 100 records, CA Access Control Endpoint Management will repeat the request indefinitely.

Microsoft Internet Explorer 7.0 Compatibility Issues with CA Access Control

Due to compatibility issues of Microsoft Internet Explorer 7.0 with CA Access Control, the browser may stop responding. To work around the issue, Install Microsoft Internet Explorer 8.0 or do the following:

Important! Apply Microsoft software patch KB957388 before you begin this procedure. You can download the software patch from the Microsoft web site.

  1. Stop all CA Access Control services.
  2. Open a command line window and run the following command: 
    net stop cainstrm
  3. Open the regedit utility from the Run command line window.
  4. Navigate to the following path: 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSset\Services\cainstrm\parameters
  5. Modify the ExcludeProcess registry entry value to include the iexplorer.exe file.
  6. From the command line window, run the following command: 
    net start cainstrm
  7. Start the CA Access Control services.
Privileged Processes Can Save and Restore a Registry Tree Without Authorization

On Window Server 2003 and later, when a process obtains the special privileges SE_BACKUP_NAME and SE_RESTORE_NAME, it can save and restore a registry tree without CA Access Control authorization.

FIPS Only Mode on Windows x64

CAPKI 4.1.2 is now supported on x64 CA Access Control endpoint for Windows. However, due to a known issue with RSA, when running the CAPKI 4.1.2 in FIPS enabled mode, communication is significantly delayed.

Rename HOST Event in selang Marked as Unknown Event in CA Enterprise Log Manager Reports

A rename HOST event performed in selang is displayed as an unknown event in CA Enterprise Log Manager reports.