Disabling "Stop On-Access Protection" on managed clients.

I need to remove from the end users the ability to stop Avast’s on-access proctection. Per a thread from April of this year, I changed the settings for “Local Scanners” under the computer catalog in the ADNM to “Ask for password” for the On-Access User Interface. However this does not appear to work in my deployment since even after wating for an hour and rebooting the machine, the user account can still stop On-Access protection.

Thanks

did you apply the setting on the container where the computer objects are located or on one of the parent containers and where u are sure that the computer object which you physically test it with is in that container?