This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Conflict with Microsoft Office on Windows file server

Hello,

We have a Windows 2012 R2 and Windows 2008 R2 file servers with various Excel/Word files on them and with DFS-N/R between the two.  Users open these files from a share ( DFS-N) and save the files back to the same location using Office 2010, 2013 or 2016.  The problem is that *.tmp files are created in the share every time the file is saved. Please give me a final answer about this issue, as i have seen here few tickets with the same problem which have been created long time ago and without any clear answer. do i have to put an exclusion if yes what is the correct string to put and in which side serveror client as i have already put an exclusion *.tmp on server policy but i m still having the issue or disable something on server/client policy ?

FYI: 

Endpoint Advanced Protection

Server Advanced Protection

both are managed from cloud ( sophos central)

Thank you



This thread was automatically locked due to age.
Parents
  • Hello Amine BOURI,

    reading the old threads I think that this is induced by the on-access scanner on the endpoints/clients and excluding scanning of remote files eliminates the issue. You probably don't want to make such a global exclusion, and globally excluding *.tmp is also undesirable. Making use of the enhanced exclusions it might be possible to define more specific exclusions, i.e. to define patterns to exclude *.tmp only on these shares.

    Christian

  • Thanks a lot christian, i will follow your recommandations and see if it makes a difference, i just created a rule (Threat Protection) for file servers only, and disabled on read scanning and  excluded *.tmp on them as you can see on the screen shot ( by the way could you give me your point of view about this rule configuration ) and could you please tell me why disabling on read on client and not on servers servers i think this is very risky as all shit happens on client side !

     

  • Hello Amine BOURI,

    you shouldn't disable on read (did I suggest it? If so, it must be the heat), whether on servers or workstations. Furthermore I think the conflict (perhaps a race-condition) is caused by the clients, thus exclusions on the server shouldn't or won't make a difference.
    Please leave the on read/on write selected, no *.tmp exclusions for the servers, on the endpoints more specific exclusions like **\Partial\DFSPath\**\*.tmp

    Christian

  • Hello Christian,

     

    Thank you very much for your help, and advices, i will try to figure out the specific exclusion you gave me as i didin't understand how you came up with that path, i'm sorry if its dumb, i'm still learning

     

    Best regards

Reply
  • Hello Christian,

     

    Thank you very much for your help, and advices, i will try to figure out the specific exclusion you gave me as i didin't understand how you came up with that path, i'm sorry if its dumb, i'm still learning

     

    Best regards

Children
No Data