The following table lists the known issues and limitations present in the Carbon Black App Control 8.7.2 Server.

Item # Description
EP-1222 If the CryptoAPI cannot initialize, the license will not be imported. This is typically due to the environment not being set up according to the installation instructions.
EP-2752 If you modify the permissions of, or disable, the "admin" user that ships with the product, the API module may no longer function correctly, causing problems when using the REST API and the console. Make sure that the "admin" user retains its "View users" and "Manage users" permissions, and that it is not disabled.
EP-2879 Baseline Drift Reports report on Windows computers only; they do not report on Mac or Linux computers.
EP-3157 Exports to CSV of tabular data from console pages do not render date and time fields consistently with respect to time zone. Some columns are reported as UTC; others use the local time zone.
EP-3349 Right after a new version of App Control is installed, the version health indicator will incorrectly report that the previous version is the newest version. Refreshing the health indicator will cause it to disappear and will remove the incorrect report.
EP-3352 When a file that no longer exists is selected for deletion, the App Control Server should generate an error with subtype "File deletion processed (file not found)". Instead, an event with the subtype "File deletion failed" is erroneously generated.
EP-3397 When choosing View CB Reputation Data on the Action menu of a App Control file table, a failure message always appears after viewing the data. The message is "View CB Reputation Data failed for 1 item(s)." No actual failure has occurred, however.
EP-4085 When uninstalling the App Control server a message may appear saying that the system is protected by the App Control agent even though the agent has already been uninstalled.
EP-4093 When editing the User Roles Page, clicking the Save button has the same functionality as the Save and Exit Button.
EP-4094 Users without the "View Policies" permission will not be able to make use of Role-Based Access Controls based on policies.
EP-4151 On the Find Files page, after creating a saved view the message "(The Current View Has Unsaved Changes - Discard)" is still displayed after clicking on the Add button.
EP-4152 Grouping does not always work on the Application Catalog or the Applications on Computers page. If you elect to show the Version Number column and group by it, the groups that appear on the page will not expand.
EP-4175 In some cases when the server is set to high-level logging, it does not actually log everything that should be logged in this mode.
EP-4578 If a user turns on the config property ShowHiddenCustomRules and creates a Custom Rule with a hidden action (that is, an action ending with "(Hidden)") that rule will display as an expert rule after being saved. Rules of this type requiring an Operation value of "Execute and Write" should be created as two separate rules to avoid losing data.
EP-4660 A console user account based on Active Directory may be unable to log into Unified Server even when prompted to authenticate.
EP-4670 The App Control console can become unresponsive if the query to Active Directory to check user’s permissions times out.
EP-5504 Systems created using Sysprep may not boot if Tamper Protection was enabled when Sysprep was performed.
EP-5555 After upgrading the App Control server to the current release, an event of type “Server Management” and subtype "Server upgrade succeeded" that should appear on the Events page does not appear there.
EP-5700 On the Software Rules page, the column showing affected policies can show a blank policy name. This will appear as two commas with a space between them. This occurs when a rule once applied to a policy that has been subsequently deleted.
EP-5703 From the App Control console one can request a diagnostic upload from an endpoint. Canceling such a request while it is underway does not always work. Sometimes cancellation can merely cause the endpoint to retry the upload.
EP-6510 Some customers have reported seeing false positives with the Doppleganger rule being triggered by TIWorker.exe and TrustedInstaller.exe
EP-6515 In a specific scenario it's possible for newly installed agents to register with the server from a deleted policy.
EP-6719 File analysis through connectors will not work with files containing certain foreign characters in the name.
EP-6721 If a SAML identity provider requires a signed logout request, the logout request will fail.
EP-6796 In some cases it's not possible to export a large amount (300+) of custom rules.
EP-7891 When adding a user to the "Linux User/Group to Manage Agents" section of the Agent Management configuration the message “(Not validated)” is erroneously returned. The new user should still be added.
EP-8908 Licensing page fails to display expiration warning when less than one day remains.
EP-13176 Generation of a new, self-signed certificate fails if a space is used in the Department field. Workarond: Avoid using spaces in the Department field when creating a new self-signed certificate.
EP-13195 Rapidly changing a computer's policy more than once can sometimes cause the last policy change to not apply.