Upgrade Guide › Migrating PMDs to an Advanced Policy Management Environment › How the Migration Process Works › How CA ControlMinder Applies a Filter File to a Password PMD

How CA ControlMinder Applies a Filter File to a Password PMD

Advanced policy management does not support policies with password management commands. Use a password PMD to synchronize passwords between endpoints and to distribute password management rules. When you migrate a password PMD to the advanced policy management environment, you apply a filter file to the password PMD so that it only deploys password rules to its subscribers.

The following process explains how CA ControlMinder applies a filter file to a password PMD:

1. CA ControlMinder creates a text file named filter.flt and adds the following lines to it:

   #------------------------------------------------------------------------------
   # access  	env	class	objects	properties           	pass/nopass
   #------------------------------------------------------------------------------
     *      	*  	USER	*      	OLD_PASSWD;CLR_PASSWD	PASS
     *      	*  	*   	*      	*                    	NOPASS
   #------------------------------------------------------------------------------
   

2. CA ControlMinder saves filter.flt in the password PMD directory.
3. CA ControlMinder adds the full path of filter.flt to the "filter" configuration setting in the following location:
   • (UNIX) The [pmd] section of the pmd.ini file
   • (Windows) The following registry key:

     HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\AccessControl\Pmd\PMDB_Name