|
|
|
Symptom:
I created a policy that contains a rule with a variable and deployed the policy to an endpoint, but the rule is not implemented on the endpoint.
Solution:
Use the following procedure to troubleshoot the policy deployment:
A value of 1 for this configuration setting specifies to run policyfetcher. If policyfetcher is not running, it cannot deliver the policy to the endpoint.
Note: The policyfetcher log is in the ACInstallDir/Log directory, where ACInstallDir is the directory in which you installed CA Access Control.
Note: If the variable is not defined on the endpoint, the policy status is Deploy Pending.
If the variable is not defined on the endpoint, create a new policy version that contains a selang rule that defines the variable, and deploy the new policy version to the endpoint.
If the policy is not assigned to the endpoint, use CA Access Control Enterprise Management to assign the policy.
If the deployment script for the policy contains errors, create a new policy version that fixes the errors and deploy the new policy version to the endpoint.
If the policy status is Out of Sync, a variable value may have changed in the CA Access Control endpoint. Redeploy the policy to clear the Out of Sync status.
If policy did not correctly compile or the DEPLOYMENT object contains errors, fix the errors and redeploy the policy.
| Copyright © 2012 CA. All rights reserved. |
|