Help CenterThreatLocker provides the ability to permit users to self-approve blocked software. This will add a learning maintenance mode for the requesting user only. While this works in most situations, some programs spin up tasks that run as SYSTEM during installation. If that is the case, because SYSTEM was not the requesting user, these actions will be blocked, resulting in a failed installation. To resolve this situation, the Self-Approval Configuration will allow admins to choose to let the self-approved maintenance mode also apply to NT Authority\System.
Please Note: If this setting is not set, the default behavior is only the requesting user will be included in the self-approved maintenance mode.
Navigate to the Advanced Settings page. In the legacy navigation menu, this is located in the left-hand menu. In the new navigation, the Advanced Settings button is located in the upper right-hand side of the portal header.
Select the 'New Setting' button in the top left corner.
In the 'Setting Type' dropdown, select Self-Approval Configuration.
In the 'Applies To' dropdown, select the level at which you want to edit the self-approval configuration.
Select if you want to add this setting to the top of the list or the bottom of the list.
In the Parameters section, select the desired 'Applies-To Users'.
Select either "The requesting user and NT Authority\SYSTEM" or "Only the requesting user".
Once the desired configuration has been selected, remember to press the 'Create' button to save the Advanced Setting and press the 'Update Agents' button to send the setting down to the agents.