anyone recommend any standard settings for ZoneAlarm when used in an Active Directory environment? More specifically, I need to know why WINLOGON.EXE on a Windows XP client is being blocked from connecting to the AD
in the 'local zone' (as it calls it).
If I delete the corresponding program (Windows NT Logon Application) from ZoneAlarm's registered programs I can then respond 'Allow' to the prompt when it appears.
This works for an hour or two and then it reverts to being blocked. There seems to be no way to permanently set it to 'Allow'.
Even making sure all the checks are green makes no difference. These revert to red X's. I then suffer bad domain logons, bad computer domain accounts, no login script running and Event ID 1054 errors in the client's event log.
All my machines are in the Trusted Zone (192.168.1.x) so I don't see why it's picking on WINLOGON.EXE.
This is affecting all three clients, which have all been rebuilt 2-3 times and each time a latest fresh copy of ZoneAlarm is installed. I'm hoping someone can help, please.
Here are the version details for an one of the PCs (I know it's not the latest build, but I've suffered the same symptoms with every previous version as well):
ZoneAlarm Security Suite version:7.0.462.000
Anti-virus engine version:3
Anti-virus SDK version:126.96.36.199
Anti-virus signature DAT file version:947608627
Anti-spyware engine version:188.8.131.52
Anti-spyware signature DAT file version:01.200803.3565
Operating System:Windows XP Pro
Product Name:ZoneAlarm Internet Security Suite