I added a number of malicious URLs in to our domain policy a few days ago, but the clients aren't taking it. When I request a client configuration, the "List of blocked URL addresses" entry is marked as grey as if no settings are being applied to it, but that isn't how the policy is configured. The policy change has been in effect for a number of days now so the clients should be refreshing at this point. Has anyone else gotten this to successfully work through ERAS policy? I can manually add them in directly to a client and that works, but doing this through a configuration task just isn't as clean as policy methods.