Previous Topic: Review the PrerequisitesNext Topic: Finalize the Policy


Create and Store a Policy Version on the DMS

Every policy that you create is stored on the DMS and automatically gets a version number. The first time that you store a policy, the policy receives the version number "01". For example, the first time you store the policy myPolicy, CA ControlMinder Enterprise Management creates a GPOLICY object named myPolicy and a POLICY object named myPolicy#01. When you store an existing policy on the DMS, the latest stored version of the policy is incremented by one to create the new policy version. For example, when you store the 28th version of myPolicy, CA ControlMinder Enterprise Management creates a POLICY object named myPolicy#28.

Follow these steps:

  1. (Optional) Create a script file with selang deployment commands.

    Important! The policy deployment does not support commands that set user passwords. Do not include such commands in your deployment script file. Native selang commands are supported but do not show in deviation reports.

  2. (Optional) Create a script file with selang undeployment commands.
  3. In the CA ControlMinder Endpoint Management Policy Management tab, click Policy and the Policy task.

    The task menu Policy tree expands on the left.

  4. Click Create Policy.

    The Create Policy: Policy Search screen appears.

    Note: To create a new version for an existing policy, click Modify Policy and search for the policy that you want to modify.

  5. Check Create a new object of type Policy and click OK.

    The Create Policy task page and General tab appear.

  6. Complete the following fields in the General Section box:
    Name

    Defines the name of the policy (GPOLICY object). The policy name has to be unique on the DMS (this rule is enforced) and in your enterprise (this rule is not enforced). You cannot deploy a policy to a host using a previously existing name.

    Note: If the policy name is not unique on the DMS, you cannot deploy the policy.

    Description

    (Optional) Defines a business description (free text) of the policy. Use this field to record the purpose of the policy and any other information that helps you identify the policy.

  7. Click the Policy Script tab and provide a deployment and an undeployment script, using one of the following methods:
  8. (Optional) Provide a description for this policy version.

    Use the policy description to provide specific information about the deployment scripts that you use for this policy version.

  9. (Optional) Select Finalize on Submit.

    This option specifies that the new policy version can be deployed. If you are not finished creating the deployment script, clear this option.

    Note: If you do not select this option, you can modify the deployment scripts without creating a new version of the policy. However, you cannot deploy a policy version that is not finalized.

  10. Click the Policy Dependency tab, then click Add.

    The Add Member dialog appears.

  11. Select the policy prerequisites that you want to add, then click Select.

    The Add Member dialog closes and the policies that you selected are added to the Members.

  12. Click Submit.

    The task is submitted. If the task is successful, a message appears indicating that a new policy version was created.

    Note: If the policy is not created successfully, the reason is noted in the audit log records.