Server Policy Group (ManagedPC)
The Server policy group contains the following ManagedPC boot server policies. You can modify policy parameter values by double-clicking a policy to display the Setting Properties dialog.
Note: Available categories and options may vary depending on the products and components installed.
Configures the ADS proxy service and specifies the type of authentication to be used when connecting to the Microsoft Automated Deployment Services (ADS) provider. Valid values are ntlmdomain and Kerberos. By default, Microsoft NTLM authentication and the NTLM domain of the current user are used.
Default: ntlmdomain
Configures the ADS proxy service and specifies the machine name where the ADS controller is located.
Default: empty
Configures the ADS proxy service and specifies the name of the domain used for login authentication to the ADS provider.
Default: empty
Configures the ADS proxy service and specifies the encrypted password for login authentication to the ADS provider.
Default: <encrypted>
Configures the ADS proxy service and specifies the time in seconds to wait between notifications from the ADS controller.
Default: 5
Configures the ADS proxy service and specifies the user ID for login authentication to the ADS provider.
Default: empty
Configures the TFTP service of the boot server and specifies the maximum number of milliseconds to back off after sending a TFTP packet to a target computer. This allows more simultaneous downloads and quicker target response on slower CPU server systems.
Default: 0
Specifies the password for login authentication to the boot server's domain for the canonprv user.
Default: <encrypted>, <locally managed>
Specifies the default OS installation script for not yet discovered targets called from the DOS boot image.
Default: empty
Configures the ADS proxy service. If set to False, all target computers defined as devices in the ADS database are assumed to be managed by ADS. If True, only target computers ADS has taken control of are assumed to be ADS managed.
Default: False
Indicates whether the PXE process of the boot server is disabled after the next restart.
Note: This does not stop the PXE process. The normal way to disable the PXE server is to use the caf stop sdmpcserver and caf disable sdmpcserver commands.
Default: True
Configures the boot server to act as an ADS proxy to an ADS controller using the ADSpolicyname specified.
Note: If the Definition policy of ADS targets policy is False, all other ADS configuration policies have no effect.
Default: False
If True, the boot server listens on port 67 and port 4011, respectively, for Dynamic Host Configuration Protocol (DHCP) discover and request messages. If False, the boot server listens only on port 4011 for DHCP request messages.
Default: True
Lets the PXE process choose the boot sequence of the next boot device to boot following the network boot, which is defined in the BIOS. If False, the hard disk is the next device booted following the network boot.
Note: The default BOOTDOS always tries to boot from hard disk. If this is not possible, it tries the BIOS boot sequence.
Default: False
Specifies the level of detail to output to the debug log. Valid values range from 5 = All to 1 = Only Errors.
Note: If the trace is active, the cftrace configuration substitutes the stand-alone debugging from the Debug level value.
Default: 2
Indicates whether all TFTP file requests are reported to the event log.
Default: True
Specifies the maximum number of threads that can be allocated by the boot server.
Default: 55
Configures the password change service for the OSIM access user canonprv and specifies the minimum number of digits (0–9) to be generated when generating a random password.
Note: If this value is larger than that specified for the Password length policy, then this value will be truncated to Password length.
Limits: 0–128
Default: 5
Specifies the number of PXE requests for replies from other boot servers before replying to an unknown PXE target. Valid values range from 1 to 10.
Note: This policy is used only if the Use answer control list policy is set to 1 (True).
Default: 3
Configures the password change service for the OSIM access user canonprv and specifies the minimum number of lowercase characters (a–z) to be generated when generating a random password.
Note: If this value is larger than that specified for the Password length policy, then this value will be truncated to Password length.
Limits: 0–128
Default: 3
Configures the password change service for the OSIM access user canonprv and specifies the minimum number of special symbol characters to be generated when generating a random password. Valid symbol characters are as follows:`~!@#$%^&*()_+-={}|[]\\:\";'<>?,./
Note: If this value is larger than that specified for the Password length policy, then this value will be truncated to Password length.
Limits: 0–128
Default: 3
Configures the password change service for the OSIM access user canonprv and specifies the minimum number of uppercase characters (A–Z) to be generated when generating a random password.
Note: If this value is larger than that specified for the Password length policy, then this value will be truncated to Password length.
Limits: 0–128
Default: 3
Indicates whether the boot server will change the password for canonprv when running on a Windows domain controller, even if the Password change interval policy is not set to 0. Valid values are True and False.
Default: False
Configures the password change service for the OSIM access user canonprv and specifies the time in days between password changes.
Limits: 1–365
Default: 1
Configures the password change service for the OSIM access user canonprv and specifies the maximum length of the password generated.
This policy requires you to adjust the appropriate subcategories to set minimum values. If any of the subcategory values is larger than Password length, then each subcategory (Number of digits in password, Number of symbols in password, and so on) contains an even number of characters based on the password length. Internally, for example, if PW_length is 8 and PW_num_digits is 9, then PW_num_digits will be 2, PW_num_upper_case_characters will be 2, and so on.
Note: If the number of signs of one of the subcategories (Number of digits in password, Number of symbols in password, and so on) is left 0, and the total amount of signs defined for all subcategories is less than the requested password length specified in the Password length policy, then the password may contain some nonspecified characters calculated by a internal rule. For example, if PW_length is 14 and PW_num_digits is 8, PW_num_lower_case_characters is 0, PW_num_upper_case_characters is 0, and PW_num_symbols is 0, then PW_num_digits becomes 9; and all the rest of the categories become floor (PW_length/4) and one of the categories becomes sub_category = sub_category + (PW_length modulo 4).
Limits: 8–128
Default: 14
Configures the ping monitoring service and specifies the time interval for the boot server to ping all known computers.
Default: 60
Configures the ping monitoring service and specifies the number of times to ping a target computer before it is determined to be down.
Default: 120
Configures the ping monitoring service and specifies the maximum time in seconds to wait for a ping response.
Default: 2
Specifies the port to which TFTP requests should be redirected if another TFTP server is available. If set to 0 (zero), redirection is not enabled.
Default: 0
Configures the TFTP service of the boot server and specifies the maximum number of times to attempt to send a packet to a target computer before timing out.
Default: 3
Configures the TFTP service of the boot server and specifies the maximum time in seconds to wait for a packet from a target computer before timing out.
Default: 3
Specifies the time in seconds to wait for replies from other boot servers before replying to a PXE discovery to an unknown PXE target.
Note: This policy is used only if the Use answer control list policy is set to 1.
Default: 10
If the boot server has not yet discovered the target computer booting from the network, specifies the boot image to be loaded. This requires that the corresponding boot loader is specified in the Unknown target boot loader policy.
Default: empty
If the boot server has not yet discovered the target computer booting from the network, specifies the boot loader to be used. Valid values are as follows:
Specifies booting from the hard disk instead of the boot image specified by the Unknown target boot image policy.
Specifies the DOS boot loader.
Specifies the boot loader.
Default: boothd
Specifies that when booting with the bootdos boot loader specified in the Unmanaged target boot loader policy, the boot image specified in the Unmanaged target boot image policy is used.
Default: empty
If the boot server knows the target computer booting from the network, specifies the default boot loader to be used if no installation order is pending. Valid values are as follows:
Specifies booting from the hard disk instead of the boot image specified by the Unmanaged target boot image policy.
Specifies the DOS boot loader
Specifies the boot loader.
Default: boothd
Indicates how the boot server handles all PXE requests. Valid values are as follows:
Specifies that the boot server answer PXE requests from both known and unknown computers immediately.
Specifies that the boot server answer PXE requests from known computers immediately, using an Answer Control List (ACL), but unknown computers only after a period of retries where no other boot server has answered the request. If more than one boot server answers after a period of retries specified in the Discovery retries before answer policy, the target chooses one of them.
Specifies that the boot server answer PXE requests from known computers only, using an ACL.
Default: 1
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|
