This guide explains the behavior of EPM macOS when an execution request, linked to an approval workflow, is explicitly rejected by an administrator.
Requirements
- The application must be associated with a privileged execution policy that requires approval.
- EPM macOS must be installed on the device.
What happens after rejection
- The user submits an execution request with a double left click on application, filling in the fields required by the policy (such as justification and execution window).
- The request is sent to the Admin Interface Web and made available for review by the designated administrators.
- When an administrator rejects the request via the Admin Interface Web, the application remains blocked on the user's device.
- If the user attempts to run the same application again, EPM displays the following message: "Your last request to run this application was rejected by the administrator. Please submit a new request."
Info
The approval workflow is triggered only when an application with a policy with an approval workflow is started by the user.
Recommended actions
- The user may submit a new request, adjusting the justification or execution window as needed.
- Administrators should review the reason for the request and, if appropriate, guide the user on how to proceed properly.
Considerations
- The rejection is logged both locally and in the Admin Interface Web.
- The system prevents multiple unauthorized execution attempts based on the same rejected request.