none
Firewall exception Office 365

    Question

  • Here's the issue.

    Office 365 Lync has a download that needs access through the Windows firewall OR users get a message stating "Some features may be blocked". Since my users do not have admin rights they cannot allow the app. So they have to contact me

    I created a rule that allows the plugin the access it needs BUT, when I created the rule I noticed an issue that I knew would become an issue.

    The path to the plugin is

    %LocalAppData%\Microsoft\lwaplugin\15.8.20017.342\pluginhost.exe

    Bad enough they put the plugin in the localappdata folder which I was trying to block due to virus issues BUT, they put the plugin version in the path.

    I pointed out to the app guys that while I could open this it would become an issue down the road if the version changes. 3 days later... It changed. The new path is

    %LocalAppData%\Microsoft\lwaplugin\15.8.20018.735\pluginhost.exe

    Because this is Office 365 it's controlled by Microsoft thus I can't change the path (I don't think)... Is there anything I can do as far as GPO rules here?

    Thanks

    RS

    Tuesday, March 10, 2015 3:21 PM

Answers

  • Hello,

    why not using %LocalAppData%\Microsoft\lwaplugin as open part in your virus scan engine?

    BTW, that folder is the correct location for software to be installed locally so the logged on user could still work without permission problem.

    From http://www.blogtechnika.com/what-is-application-data-folder-in-windows-7/ :

    Local: Local folder contains many subfolders . It mainly contains folders related to installed programs. Also there is a folder of Microsoft where you can find history of Windows activities. There is a temp folder which stores all the temporary files. IE temporary files are stored under temporary internet files under Windows folder.


    Best regards

    Meinolf Weber

    MVP, MCP, MCTS

    Microsoft MVP - Directory Services

    My Blog: http://blogs.msmvps.com/MWeber

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Twitter:  

    • Marked as answer by rsblind Wednesday, March 11, 2015 12:54 PM
    Tuesday, March 10, 2015 3:45 PM
  • This is a Firewall exception not an Antivirus exception... But, I had been under the impression that you needed an exe tied to the exception for the Windows firewall and it appears that was incorrect. I was able to list a path only to the firewall exception rules and that appears to have worked.

    Seems a bit less secure but it does allow me to get around this issue.

    Thanks

    RS

    Wednesday, March 11, 2015 12:54 PM

All replies

  • Hello,

    why not using %LocalAppData%\Microsoft\lwaplugin as open part in your virus scan engine?

    BTW, that folder is the correct location for software to be installed locally so the logged on user could still work without permission problem.

    From http://www.blogtechnika.com/what-is-application-data-folder-in-windows-7/ :

    Local: Local folder contains many subfolders . It mainly contains folders related to installed programs. Also there is a folder of Microsoft where you can find history of Windows activities. There is a temp folder which stores all the temporary files. IE temporary files are stored under temporary internet files under Windows folder.


    Best regards

    Meinolf Weber

    MVP, MCP, MCTS

    Microsoft MVP - Directory Services

    My Blog: http://blogs.msmvps.com/MWeber

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Twitter:  

    • Marked as answer by rsblind Wednesday, March 11, 2015 12:54 PM
    Tuesday, March 10, 2015 3:45 PM
  • This is a Firewall exception not an Antivirus exception... But, I had been under the impression that you needed an exe tied to the exception for the Windows firewall and it appears that was incorrect. I was able to list a path only to the firewall exception rules and that appears to have worked.

    Seems a bit less secure but it does allow me to get around this issue.

    Thanks

    RS

    Wednesday, March 11, 2015 12:54 PM