Documente Academic
Documente Profesional
Documente Cultură
ii
McAfee, Inc.
1)
PROMPTLY RETURN THE SOFTWARE AND PROOF OF ENTITLEMENT TO THE PARTY FROM WHOM YOU ACQUIRED THEM
Definitions.
a)
b)
c)
d)
e)
f)
g)
h)
i)
j)
2)
McAfee, Inc.
a)
b)
b)
8)
11)
Without prejudice to your payment
a.
obligations, you may terminate your license at
any time by de-installing the Software.
McAfee may terminate your license in the
event you materially breach the terms of this
Agreement and you fail to cure such breach
within thirty (30) days of receiving notice of
such breach. Upon such termination you shall
15)
McAfee, Inc.
a)
b)
c)
d)
All notices, requests, demands, and determinations
This Agreement, including all documents
for McAfee under this Agreement (other than
incorporated by reference, represents the entire
routine operational communications) shall be sent
agreement between the parties, and expressly
to: the applicable entity address on the first page
supersedes
and
cancels
any
other
of this Agreement addressed to Attention: Legal
communication, representation or advertising
Department.
whether oral or written, on the subjects herein. If
you issue an order to an Authorized Partner or to 16)
Product Improvement Information
McAfee and the terms and conditions of the Collection Addendum
order conflict with the terms and conditions of a)
You understand and agree that the Software may
this Agreement or b) of the Grant Letter, then the a)
automatically collect data and information about
terms and conditions specified in this Agreement
McAfee, Inc.
3965 Freedom Circle
Santa Clara, CA 95054
USA
Document Version:4.0
Product Version:Windows 5.1.0-6824,
AIX 5.1.0-6823, Linux 5.1.0-6823, HPUX 5.1.0-6823, Solaris 5.1.0-6823
Publication Date: December 2011
McAfee, Inc.
Table of Contents
PREFACE ..................................................................................................................................................... 1
ABOUT THIS GUIDE .................................................................................................................................... 1
AUDIENCE................................................................................................................................................... 1
DOCUMENT ORGANIZATION ....................................................................................................................... 1
DOCUMENT CONVENTIONS ......................................................................................................................... 1
CONTACTING SUPPORT ............................................................................................................................... 2
PRODUCT FEATURES .............................................................................................................................. 3
WHATS NEW IN THIS RELEASE ................................................................................................................... 3
SOLIDIFIER BASIC COMMAND REFERENCE ................................................................................... 4
BEGINUPDATE (BU) ................................................................................................................................... 4
END-UPDATE (EU) ....................................................................................................................................... 4
BEGIN-OBSERVE (BO) .................................................................................................................................. 5
END-OBSERVE (EO) ..................................................................................................................................... 5
ENABLE ....................................................................................................................................................... 6
DISABLE ...................................................................................................................................................... 7
HELP ........................................................................................................................................................... 7
HELP-ADVANCED ........................................................................................................................................ 8
LICENSE ...................................................................................................................................................... 8
PASSWD....................................................................................................................................................... 9
SOLIDIFY (SO) ............................................................................................................................................. 9
STATUS ......................................................................................................................................................10
TRUSTED ....................................................................................................................................................11
UNSOLIDIFY (UNSO) ...................................................................................................................................14
UPDATERS ..................................................................................................................................................14
VERSION .....................................................................................................................................................17
McAfee, Inc.
Preface
About This Guide
The McAfee Solidifier Command Line Reference Guide (for Application Control) describes the
command-line interface commands used to provision and maintain McAfee Solidifier
application for:
Please refer McAfee Solidifier Product Guide (for Application Control) for an overview and
command usage of the Solidifier CLI.
This guide provides detailed information on each of the CLI commands.
Audience
The McAfee Solidifier Command Line Reference Guide (for Application Control) is intended
for anyone who operates Solidifier application. You are expected to have a general understanding
of basic data communication concepts and some practical knowledge of Microsoft Windows and
UNIX operating systems.
Document Organization
This guide has the following chapters.
Chapter Product features provides the list of features available with list of new features
available in this release.
Chapter Solidifier Basic Command Reference describes the basic commands for
configuring and controlling Solidifier.
Chapter Solidifier Advanced Command Reference describes the advanced commands for
configuring and controlling Solidifier.
X
Document Conventions
The following conventions distinguish different types of text:
McAfee, Inc.
Names of keys on the keyboard are in square braces, such as the [Tab] key.
Note means reader take note. Notes contain helpful suggestions or references to material not
covered in the guide.
Contacting Support
Homepage: http://www.mcafee.com/us/products/application-control.aspx
Phone: +1-800-937-2237
McAfee, Inc.
Product features
Application Control uses dynamic white listing to ensure that only trusted applications run on
devices, servers and desktops. This provides IT with the greatest degree of visibility and control
over clients, and helps enforce software license compliance.
McAfee, Inc.
If the Solidifier is currently in Enabled mode, then this command will change its state to
Update mode.
If the Solidifier is currently in Disabled mode, then McAfee Solidifier service restart will
change its state to Update mode.
OS Platform
Syntax Description
sadmin begin-update [ workflow-id [ comment ]]
end-update (eu)
The end-update command ends the Update mode and changes the Solidifiers operational mode
from Update to Enabled.
OS Platform
McAfee, Inc.
Syntax Description
sadmin end-update
begin-observe (bo)
The begin-observe command starts Observe mode on the system.
Applications will not be prevented or blocked from execution and observations (events) will be
generated. The required actions on the events of endpoint can be decided by ePolicy Orchestrator.
This feature is useful for ePO managed environment only.
OS Platforms
Windows
Syntax
begin-observe [workflow-id [comment]]
Syntax description
begin-observe [workflow-id [comment]]
You can also specify a workflow-id and a description comment for begin-observe mode session.
This information can be used for Change Management or Trouble Ticketing System.
workflow-id
This workflow-id can be used to track changes made to the system in observation mode
during the observe window.
Comment
This command is supported in Disabled mode and Enabled mode. When command is run
from disabled mode, Solidcore will enter observe mode on next reboot.
end-observe (eo)
The end-observe command can be used to end the observation mode on the system and it
changes the Solidifiers operational mode from Observe to Enabled or Disabled.
McAfee, Inc.
OS Platforms
Windows
Syntax
sadmin end-observe [ -d | -u ]
Syntax description
sadmin end-observe
-d
This command disables the McAfee Application Control at end of observation mode. If
this option is not provided, McAfee Application Control will be in observe mode and on
the next boot the observe mode will be Disabled.
sadmin end-observe -u
This command denies all file changes during observation mode. If this option is not
provided all file changes during Observation mode will be authorized after end of
Observe.
sadmin end-observe -u -d
This command denies the file changes during observation mode, disables McAfee
Application Control at the end of observation mode and sets the Solidifier state to
Disabled for next boot.
Command Mode
enable
The enable command can be used to enable the Solidifier, and is possible only after the
execution of sadmin so command which generates the whitelist. The sadmin enable
command changes the Solidifiers operational mode from Disabled to Enabled by restarting the
McAfee Solidifier service, but this will not include the memory-protection feature, as this feature
needs a reboot.
The status command reflects this change of operational mode. It allows only authorize
applications.
OS Platforms
McAfee, Inc.
Command Mode
disable
The disable command disables the Solidifier. It changes the Solidifiers operational mode from
Enabled or Update to Disabled and is effective after the next reboot. The status command reflects
this change of operational mode.
OS Platform
Command Mode
help
The help command provides help information for basic Solidifier commands.
Module Supported
Syntax Description
sadmin help
McAfee, Inc.
help-advanced
The help-advanced command provides help information for advanced Solidifier commands.
OS Platforms
Syntax Description
sadmin help-advanced
license
The license command displays the licensing information of the product and also allows you to
add the product license.
OS Platforms
Syntax Description
sadmin license add licensekey
The sadmin license list command can be issued in any mode. The sadmin license add
command can be issued in Disabled mode only.
McAfee, Inc.
passwd
The passwd command is used to set password for the Solidifier Command line interface.
Once the password has been set, critical sadmin commands can only be executed on verification
of the password.
OS Platforms
Syntax Description
sadmin passwd
solidify (so)
The solidify command generates white list, files in a folder/directory, or files of a system
volume.
OS Platforms
solidify
solidify [ q | v ] filename1 ... filenameN
solidify [ q | v ] directoryname1 ... directorynameN
solidify [ q | v ] volumename1 ... volumenameN
McAfee, Inc.
Solidifies all supported files (recursively) under system volumes volumename1 ...
volumenameN.
If the q argument is specified, only error messages are displayed. All other messages are
written to the Solidifier Log. If the v argument is specified; all messages are displayed
as well as written to the Solidifier Log. If neither the q argument nor the v argument
are specified, the messages are only written to the Solidifier Log.
Command Mode
status
The status command displays the current status of the Solidifier in terms of operational mode,
its connectivity status with ePolicy Orchestrator Managed, access status of the Local CLI, etc.
OS Platforms
Syntax Description
sadmin status
10
McAfee, Inc.
Usage Details
Enabled
Enabled
ePO Managed:
Local CLI access:
Yes
Recovered
[fstype]
* NTFS
[status]
Solidified
The asterisk (*) character prefix indicates the main file system of the primary partition
(C:\ for Windows).
The fstype column indicates the file system type for the volume as NTFS or FAT (for
Windows).
The driver status shows the driver status for the volume - attached indicates
that driver is loaded for the particular volume and Solidifier is in Enable mode or
unattached indicates that Solidifier is in Disable mode for the particular volume.
2. An example of output of the sadmin status command on the UNIX platforms is as follows:
McAfee Solidifier:
Enabled
McAfee Solidifier on reboot: Enabled
ePO Managed:
192.168.16.163:51827
Local CLI access: Recovered
[fstype]
* ext3
ext2
[status]
[driver status]
Solidified
Attached
Solidified
Attached
[volume]
/
/ext2
The asterisk (*) character prefix indicates the root file system (/ for UNIX).
The fstype column indicates the file system type for the volume.
The driver status shows the driver status for the volume - attached indicates
that driver is loaded for the particular volume and Solidifier is in Enable mode or
unattached indicates that Solidifier is in Disable mode for the particular volume.
Command Mode
trusted
The trusted command allows execution of files located on the remote share and any of the
local share by establishing it as a trusted volume set. Using this command, you can include,
exclude, remove, list or flush trusted volumes.
11
McAfee, Inc.
OS Platforms
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
trusted
Adds trusted volume rules for volumes volumesetname1 ... volumesetnameN and allows
execution of all files on these volumes.
sadmin trusted -i pathname1 ... pathnameN
Adds trusted path rules for paths pathname1 ... pathnameN and allows execution of all
files on these paths.
sadmin trusted -e volumesetname1 ... volumesetnameN
Adds trusted volume rules to exclude volumes volumesetname1 ... volumesetnameN from
the trusted volumes list.
Use this command to exclude from the trusted volumes list those volumes belonging to a
trusted group of volumes.
sadmin trusted -e pathname1 ... pathnameN
Adds trusted path rules to exclude paths pathname1 ... pathnameN from the trusted paths
list.
Use this command to exclude from the trusted paths list those paths belonging to a trusted
group of paths.
sadmin trusted u volumesetname1 ... volumesetnameN
Includes the volume set in trusted group, allow execution of ALL files from this volume
set and run all binaries/scripts from this volume set as updaters.
sadmin trusted u pathname1 pathnameN
Includes the paths set in trusted group, allow execution of ALL files from this path and
run all binaries/scripts from this path as updaters.
sadmin trusted -r volumesetname1 ... volumesetnameN
12
McAfee, Inc.
Adds trusted path rules for paths pathname1 ... pathnameN and allows execution of all
files on these paths.
sadmin trusted -e pathname1 ... pathnameN
Adds trusted path rules to exclude paths pathname1 ... pathnameN from the trusted path
list.
Use this command to exclude from the trusted path list those paths belonging to a trusted
group of paths.
sadmin trusted -r pathname1 ... pathnameN
1. The volume names volumesetname can be specified on the Windows platform in any of the
following ways:
\\servername\\sharename specific share sharename exported by the server servername
\\servername - all shares exported by server servername
\\* - all shares exported by all servers
2. The pathname pathname can be specified on Windows platform in the following way:
13
McAfee, Inc.
C:\Windows\*\drivers
3. The pathname pathname can be specified on UNIX platform in the following way:
/usr/local/
Command Mode
unsolidify (unso)
This unsolidify command is used to remove the files, folders or volumes from the white list.
OS Platforms
This command is to remove the given file or folder or volume from the white list.
Command Mode
updaters
The updaters command adds, deletes, lists or flushes programs in the list of authorized
updaters.
OS Platforms
updaters
updaters
updaters
updaters
updaters
updaters
updaters
updaters
updaters
updaters
updaters
updaters
14
McAfee, Inc.
{ binaryname | scriptname }
[ -p parent-programname ] {
}
{ binaryname | scriptname }
Adds an updater rule for user username so that all update events by the user are
authorized.
If the t argument is specified, the tag rule-id will be present in the Event Log for all the
files processed due to this updater rule.
sadmin updaters add scriptname
15
McAfee, Inc.
Adds an updater rule for script scriptname so that all update events by the scripts are
authorized.
sadmin updaters remove exename
Removes the updater rule for execution file exename having associated library
libraryname.
sadmin updaters remove -p parent-exename exename
Removes the updater rule for execution file exename having associated parent execution
file parent-exename.
sadmin updaters remove scriptname
16
McAfee, Inc.
Removes the updater rule for execution file binaryname or scriptname having associated
parent execution file parent-programname.
sadmin updaters list
The absolute path of the executable should be specified. Either the file name alone or one or more
folders/directories up the tree is specified. If 'dir\file.exe' is specified, the rule applies if and only
if, 'file.exe' is in a folder/directory named 'dir'. On Windows, full path names containing the drive
letter or starting with a slash character are not a valid entry for the rule names; such names are
ignored. For example, if you specify c:\foo\bar.exe, the updater rule is added for
\foo\bar.exe ignoring the drive letter.
Command Mode
version
The version command displays the version of the Application Control installed on the system.
OS Platforms
Command Mode
17
McAfee, Inc.
Windows
(x86)
Windows
(x64)
-a
-b
-c
-d
-e
-f
-i
-l
-p
-o
-r
-u
Attribute
UNIX
18
McAfee, Inc.
Attribute
Argument
Windows
(x86)
Windows
(x64)
-n
UNIX
Note: You can specify one or more configuration attributes in any combination.
The second column lists the corresponding argument to be used for the attributes.
OS Platforms
add
-a | -b | -c | -d | -e |
add
-o parent=PARENT_FILE -p
remove [-a | -b | -c | -d | -e |
list
[-a | -b | -c | -d | -e |
flush [-a | -b | -c | -d | -e |
-f |
FILE
-f |
-f |
-f |
-i | -l | -p | -r | -u FILE ...
-i | -l | -p | -r | -u ] FILE ...
-i | -l | -p | -r | -u ] [FILE ...]
-i | -l | -p | -r | -u ]
add
-a | -i | -n | -p | -u FILE ...
add
-o parent=PARENT_FILE -p FILE
remove [-a | -i | -n | -p | -u ] FILE ...
list
[-a | -i | -n | -p | -u ] [FILE ...]
flush [-a | -i | -n | -p | -u ]
attr
attr
attr
attr
attr
-a | -b | -c | -d | -e | -f | -i | -l | -p | -r | -u FILE ...
Note: You must specify the argument for at least one configuration attribute with the
sadmin attr add command.
sadmin attr add o parent=filename2 p filename1
Removes the Solidifier Configuration attribute set on solidified files filename1 ...
filenameN.
19
McAfee, Inc.
Note: You need not specify any argument for configuration attributes with the
sadmin attr remove command. When no arguments for any configuration attribute are
specified, it is assumed that arguments for all configuration attributes have been
specified.
attr list
Lists Solidifier Configuration attributes set on solidified files filename1 ... filenameN.
Use the attribute argument based on Table 1: Supported Configuration Attributes .
X
If file names are not specified, the configuration attributes for all solidified files are
listed.
Note: You need not specify any argument for configuration attributes with the
sadmin attr list command. When no arguments for any configuration attribute are
specified, it is assumed that arguments for all configuration attributes have been
specified.
attr flush
[-a | -b | -c | -d | -e | -f | -i | -l | -p | -r | -u ]
Note: When no arguments for any configuration attribute are specified with the
sadmin attr flush command, it is assumed that arguments for all configuration
attributes have been specified and hence, all Solidifier Configuration attributes from all
files are removed.
Syntax Description (Windows x64)
attr add
-a | -i | -n | -p | -u FILE ...
Note: You must specify the argument for at least one configuration attribute with the
sadmin attr add command.
attr add
-o parent=PARENT_FILE -p FILE
Removes the Solidifier Configuration attribute set on solidified files filename1 ...
filenameN.
Use the attribute argument based on Table 1: Supported Configuration Attributes .
X
Note: You need not specify any argument for configuration attributes with the
sadmin attr remove command. When no arguments for any configuration attribute are
specified, it is assumed that arguments for all configuration attributes have been
specified.
attr list
20
McAfee, Inc.
Lists Solidifier Configuration attributes set on solidified files filename1 ... filenameN.
Use the attribute argument based on Table 1: Supported Configuration Attributes .
X
If file names are not specified, the configuration attributes for all solidified files are
listed.
Note: You need not specify any argument for configuration attributes with the
sadmin attr list command. When no arguments for any configuration attribute are
specified, it is assumed that arguments for all configuration attributes have been
specified.
attr flush
[-a | -i | -n | -p | -u ]
Note: When no arguments for any configuration attribute are specified with the
sadmin attr flush command, it is assumed that arguments for all configuration
attributes have been specified and hence, all Solidifier Configuration attributes from all
files are removed.
Syntax Description (Linux, Solaris)
sadmin attr add [ -a | -p | -u ] filename1 ... filenameN
Note: You must specify the argument for at least one configuration attribute with the
sadmin attr add command.
sadmin attr add o parent=filename2 p filename1
Adds the p Solidifier Configuration attribute to solidified file filename1 so that it can
pass-thru if and only if it was invoked by filename2.
sadmin attr remove [ -a | -p | -u ]
Removes the Solidifier Configuration attribute set on solidified files filename1 ...
filenameN.
Use the attribute argument based on Table 1: Supported Configuration Attributes .
X
Note: You need not specify any argument for configuration attributes with the
sadmin attr remove command. When no arguments for any configuration attribute are
specified, it is assumed that arguments for all configuration attributes have been
specified.
sadmin attr list [ -a | -p | -u ] [ filename1 ... filenameN ]
Lists Solidifier Configuration attributes set on solidified files filename1 ... filenameN.
Use the attribute argument based on Table 1: Supported Configuration Attributes .
X
If file names are not specified, the configuration attributes for all solidified files are
listed.
Note: You need not specify any argument for configuration attributes with the
sadmin attr list command. When no arguments for any configuration attribute are
21
McAfee, Inc.
specified, it is assumed that arguments for all configuration attributes have been
specified.
sadmin attr flush [ -a | -p | -u ]
Note: When no arguments for any configuration attribute are specified with the
sadmin attr flush command, it is assumed that arguments for all configuration
attributes have been specified and hence, all Solidifier Configuration attributes from all
files are removed.
Command Mode
auth
The auth command is used to declare applications that are allowed to be run on your system
(whitelist applications) and applications that are banned from running on your system (blacklist
applications). You can declare any application (executables, installers, or batch files) as a
whitelist application or a blacklist application. These applications may be locally installed or
invoked applications or may be installed in or invoked from a shared drive.
OS Platforms
Windows
Syntax
auth
auth
auth
auth
auth
[ -a [ -t RULE-ID] [ -u | [ -c CHECKSUM ]] ]
-b [ -t RULE-ID] -c CHECKSUM
-r [ CHECKSUM ]
-l
-f
Syntax Description
sadmin auth [ -a [ -t RULE-ID] [ -u | [ -c CHECKSUM ]] ]
22
McAfee, Inc.
CHECKSUM is the SHA1 hash value of the application file. VERSION is the application
version details in Product name\Product version format.
sadmin auth r CHECKSUM | VERSION
check
The check command checks consistency of the specified file set (solidified files) with the stored
file checksum, etc. in inventory. If no file set is specified, then all supported volumes are checked
for consistency.
OS Platforms
check
check
check
check
[
[
[
[
-r
-r
-r
-r
]
] filename1 ... filenameN
] directoryname1 ... directorynameN
] volumename1 ... volumenameN
Syntax Description
sadmin check [ -r ]
Checks file consistency of all solidified files in all supported volumes against the stored
file information.
If the r argument is specified, any inconsistencies found are also fixed.
sadmin check [ -r ] filename1 ... filenameN
Checks file consistency of solidified files filename1 ... filenameN against the stored file
information.
If the r argument is specified, any inconsistencies found are also fixed.
sadmin check [ -r ] directoryname1 ... directorynameN
Checks file consistency of all solidified files under folders/directories directoryname1 ...
directorynameN against the stored file information.
If the r argument is specified, any inconsistencies found are also fixed.
sadmin check [ -r ] volumename1 ... volumenameN
Checks file consistency of all solidified files under system volumes volumename1 ...
volumenameN against the stored file information.
If the r argument is specified, any inconsistencies found are also fixed.
23
McAfee, Inc.
Command Mode
cert
The cert command is used to manage certificate files. The command adds, removes, or lists
certificate files to Solidifier Certificates store (the <McAfee Solidifier-dir>/Certificates folder).
Note: Use the scgetcerts.exe utility to generate certificate files for signed installers.
OS Platforms
Windows
Syntax
sadmin
sadmin
sadmin
sadmin
sadmin
sadmin
cert
cert
cert
cert
cert
cert
add
add
remove
remove
list
flush
[ -u ] FILE ...
-c X509PEM ...
-c X509PEM ...
SHA1 ...
[ -d | -u ]
Syntax Description
sadmin cert add
[ -u ] FILE ...
[ -d | -u ]
Remove all the certificates from the McAfee Solidifier Certificates store.
scgetcerts.exe
This sets a new flag for extraction of certificate that has been added to scgetcerts.exe.
scgetcerts.exe [<FILEPATH: filename|directory>] [OUTPUT PATH] [--cab] <-A> <-O>
<-n|-c> [<DOMAIN>] [<USERNAME>] [<PASSWORD>]
This utility dumps the Installer Info and/or extracts all certificates from Authenticode Signature.
FILEPATH
This option is to specify the filename or directory name of the file to be processed. If a directory
is specified, certificates and information will be extracted recursively from all the files in the
specified folder. This file is located in Installation directory: \McAfee\Solidcore\tools.
24
McAfee, Inc.
OUTPUT PATH
This option is to specify the directory to store certificates and/or installer Information.
-cab
-O
-A
Optional, use to extract all the certificates from installer/file. By default only root
certificate is extracted.
-O
Optional, Use if only the certificates are required and additional info is not
required. Not optional if --cab is specified.
-c
-n
The DOMAIN, USERNAME, and PASSWORD options need to be specified when -n or -c flag is passed.
The certificates extracted will be stored in files named on the basis of SHA1 of Issuer & Serial
No.
config
The config command is used to export configuration of Solidifier installation to a file or import
configuration from a file. The configuration settings are applied to current installation once the
import operation completes successfully.
OS Platforms
config
config
config
config
export filename
import [ -a ] filename
set NAME=VALUE
show
Syntax Description
sadmin config export filename
25
McAfee, Inc.
If you specify the a argument, the configuration settings available in the file filename
are appended to the existing configuration settings.
sadmin config set NAME=VALUE
diag
The diag command determines interoperability configuration for programs on the system.
OS Platforms
Windows
Syntax
sadmin diag
sadmin diag fix [ -f ]
Syntax Description
sadmin diag
Identifies candidate Auto-Updaters and provides the command syntax for authorizing
such programs to perform updates when they execute.
sadmin diag fix [ -f ]
Identifies and applies candidate Auto-Updaters for authorizing such programs to perform
updates when they execute.
If the f argument is specified, the restricted programs are also included.
Command Mode
This command can be issued in Enabled mode and Update mode only.
event
The event command lets you configure the log targets (sinks) for generated change events.
OS Platforms
26
McAfee, Inc.
Syntax Description
sadmin event sink
Specifies that the event eventname should be logged in sink type sinkname.
You can also specify ALL as the event name so that the specified sink type is applicable
for all events. Similarly, you can specify ALL as the sink type name so that the specified
event is logged with all sink types. Also, you can specify ALL as both the event name
and the sink type name so that all events are logged with all sink types.
You can also specify the command multiple times to add more than one sink type for an
event.
sadmin event sink -r { eventname | ALL } { sinkname | ALL }
Removes the association of event eventname with sink type sinkname so that event
eventname is no longer logged with sink type sinkname.
You can also specify ALL as the event name so that all events are disassociated from the
specified sink type. Similarly, you can specify ALL as the sink type name so that the
specified event is disassociated from all sink types.
Note: While you can specify ALL as both the event name and the sink type name so that
all event-sink associations are removed, it is not a recommended use model.
You can also specify the command multiple times to disassociate more than one userspecified sink type for an event.
Command Mode
features
The features command can be used to enable or disable a feature. A complete listing of the
features along with their operational state can also be obtained using this command.
OS Platform
27
McAfee, Inc.
Syntax Description
sadmin features enable featurename
Lists all Solidifier features and their current status (allowed or not allowed).
Note: The list argument is optional.
Command Mode
list-solidified (ls)
The list-solidified command displays the list of solidified files, folders/directories, or
volumes (Windows only).
OS Platforms
list-solidified
list-solidified
list-solidified
list-solidified
[
[
[
[
-l
-l
-l
-l
]
] filename1 ... filenameN
] directoryname1 ... directorynameN
] volumename1 ... volumenameN
Syntax Description
sadmin list-solidified [ -l ]
28
McAfee, Inc.
list-unsolidified (lu)
The list-unsolidified command lists unsolidified files.
OS Platforms
list-unsolidified
list-unsolidified filename1 ... filenameN
list-unsolidified directoryname1 ... directorynameN
list-unsolidified volumename1 ... volumenameN
Syntax Description
sadmin list-unsolidified
lockdown
The lockdown command disables the local CLI.
Under the lockdown, no commands (other than help, help-advanced, status, version,
lockdown, recover, and license) can be executed.
OS Platforms
29
McAfee, Inc.
Command Mode
recover
The recover command enables a local administrator to recover the local CLI. It should be used
when Solidifier-ePolicy Orchestrator (ePO) Managed communication is down. It prompts for
password if it has been set.
OS Platforms
Command Mode
read-protect (rp)
The read-protect command modifies or displays the read protection rules and by default it is
Disabled.
Note: Unlike other commands, you must specify complete file or folder/directory names with the
read-protect command.
OS Platforms
read-protect
read-protect
read-protect
read-protect
read-protect
Syntax Description
sadmin read-protect [ -i ] pathname1 ... pathnameN
30
McAfee, Inc.
Adds read-protection rules to exclude paths pathname1 ... pathnameN from readprotection.
Use this command to exclude from read-protection specific paths belonging to a readprotected group of paths (folders/directories and volumes).
sadmin read-protect -r pathname1 ... pathnameN
write-protect (wp)
The write-protect command write-protects specified files including solidified files.
Note: Unlike other commands, you must specify complete file or folder/directory names with the
write-protect command.
OS Platforms
write-protect
write-protect
write-protect
write-protect
write-protect
Syntax Description
sadmin write-protect [ -i ] pathname1 ... pathnameN
31
McAfee, Inc.
Adds write protection rules to exclude paths pathname1 ... pathnameN from write
protection.
Use this command to exclude from write-protection specific paths belonging to a writeprotected group of paths (folders/directories and volumes).
sadmin write-protect -r pathname1 ... pathnameN
write-protect-reg (wpr)
The write-protect-reg command is used to modify or display the enforcement protection
rules.
OS Platforms
Windows
Syntax
sadmin
sadmin
sadmin
sadmin
sadmin
write-protect-reg
write-protect-reg
write-protect-reg
write-protect-reg
write-protect-reg
Syntax Description
sadmin write-protect-reg [ -i ] registrykeyname1 ... registrykeynameN
32
McAfee, Inc.
33