Multiple User Support; Machine-Based Policies (Active Directory Only) - Novell ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION Administration Manual
Hide thumbs
Also See for ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION:
- Manual (26 pages) ,
- Installation manual (76 pages)
Table of Contents
Advertisement
Section 8.3.2, "Machine-Based Policies (Active Directory Only)," on page 194
Section 8.3.3, "Distributing Unmanaged Policies," on page 195
8.3.1 Multiple User Support
For machines that have multiple users logging on to them, each user account has its own, separate
Novell environment. Users can have separate policies and saved network environments. Each
account needs to log in to the Management Service separately to receive its credential in order to
download its published policy.
Where a user can't log in or refuses to do so, that user gets the initial policy that was included at
Endpoint Security Client installation. This helps discourage a user from creating a different account
to avoid policy restrictions.
Multiple user support is set at the time you install the client, and can only be changed when you
upgrade the client through an MSI property (POLICYTYPE 0=user or 1=computer; see
Installation" the
Because only one policy can be enforced at a time, the Microsoft Fast User Switching (FUS) is not
supported. The Endpoint Security Client turns off FUS at installation.
For an unmanaged client, the first policy that is pushed to one of the users is applied to all users until
the other users enforce their policies.
The users on a single computer must all be managed or unmanaged. If they are managed, all the
users must use the same Management and Policy Distribution Service.
8.3.2 Machine-Based Policies (Active Directory Only)
The option for using machine-based rather than user-based policies is set at Endpoint Security Client
installation (see the
this operation is selected, the machine is assigned the policy from the Management Service, and the
policy is applied to all users who log on to that machine. Users who have a policy assigned to them
on another machine do not have that policy accompany them when they log on to a machine with a
machine-based policy. Instead, the machine-based policy is enforced.
NOTE: The machine must be a member of the Policy Distribution Service's domain for the first
policy that is downloaded. Occasionally, Microsoft does not immediately generate the SID, which
can prevent the Endpoint Security Client on that machine from receiving its credential from the
Management Service. When this occurs, reboot the machine following complete Endpoint Security
Client installation to receive the credentials.
Machine-based policy support is set at the time you install the client, and can only be changed when
you upgrade the client through an MSI property (POLICYTYPE 0=user or 1=computer; see
Installation" the
194 ZENworks Endpoint Security Management Administration Guide
ZENworks Endpoint Security Management Installation Guide
ZENworks Endpoint Security Management Installation Guide
ZENworks Endpoint Security Management Installation Guide
"MSI
for details).
for details). When
"MSI
for details).
Advertisement
Chapters
Table of Contents
Related Manuals for Novell ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION
Related Products for Novell ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION
- NOVELL POLICY IN DESIGNER 3.5 - 09-18-2009
- NOVELL ACCESS MANAGER 3.1 SP2 - README 2010
- NOVELL IDENTITY ASSURANCE SOLUTION 3.0.2 - ADMINISTRATION
- NOVELL IDENTITY MANAGER 3.6. - INTEGRATION
- NOVELL IDENTITY MANAGER 3.6.1 - JOBS GUIDE
- NOVELL IDENTITY MANAGER 3.6.1 - TASK SERVICE DRIVER
- NOVELL IFOLDER 3 - ADMINISTRATION
- NOVELL ACCESS MANAGER 3.1 SP1 - AGENT GUIDE
Need help?
Do you have a question about the ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION and is the answer not in the manual?