After setting the control of executable file, if the specified software is executed at client, the following operations can be performed.
Notify detection message to client
Notify warning message to client
Prohibit execution of software out of business such as games
Please set the detection and prohibition of executable file according to the following procedure.
Set executable file and message
Set software operation status collection
Application of client policy
Log on CT again
Specify the detection settings of executable file on client PC and the executable file that is warned/prohibited being used in client. In addition, specify the message to be displayed when the executable file is started.
The procedure is as follows.
Login to the Main Menu and click [Environment Setup].
→The [Environment Setup] window is displayed.
Click [Policy Group Management].
→The following window is displayed.
Click the [Customize various policies] button.
→The following window is displayed.
Select the [Basic Operation Policy] tab, and click the link of policy name.
→The following window is displayed.
Click the [Common settings] tab.
Click [Control of Executable File], and the following items will be displayed.
Item | Description |
|---|---|
[File Name] | Specify the name of the file for execution control within 259 character s. |
[Add] button | One line of the field for which the control of executable file can be specified will be added. |
[Delete] button | Delete the control of executable file specified at the line of deletion button. |
[Content of Control] (Note 1) | Select the content of control.
|
[Execution file name] (Note 2) | Specify the message to be displayed when the executable file is started within 1024 character s. It cannot be omitted. After (%ProgName%) is recorded in the text of message, when the software specified in the executable file name is started, the executable file name will e displayed. |
Specify the message to be displayed when the executable file is detected within 1024 character s. It cannot be omitted. After (%ProgName%) is recorded in the text of message, when the software specified in the executable file name is started, the executable file name will e displayed. In addition, after (%ProgName%) is recorded, the folder name where the detected file is located will be displayed in message text. | |
When displaying message at the time when the start of executable file is prohibited, select “Display message when execution is prohibited” and specify message content within 1024 character s. It cannot be omitted. After (%ProgName%) is recorded in the text of message, when the software specified in the executable file name is started, the executable file name will e displayed. |
Note 1)
Same executable file name cannot be specified in “Warning” and “Execution Prohibition”.
In inventory collection, when the executable file on client PC is detected, the detection message will be displayed.
The detection message will be displayed in the information at every time of inventory collection until uninstallation.
Note 2)
The following variables can be used in messages.
%ProgName%
Display the detected file name in the text of message. This variable can be used in the following messages.
Warning message
Detection message
Execution prohibition message
%ProgFolder%
The folder name where the detected file is located will be displayed in the text of message. This variable can be used in the following messages.
Detection message
Confirm settings and click the [Apply] button.
→ The settings are saved.
Note
For detection of executable fie, only the following fixed drives will be detected.
Built-in hard disk
Network connection hard disk using the “NDAS” technology
Part of USB connected hard disk (Note)
However, the executable file in the “Recycle Bin” of Windows cannot be detected. However, the executable files exist in the folder within the “Recycle Bin” of Windows can be detected.
Note) The conditions of USB connection hard disk that can be detected are as follows.
Select this drive in Windows Explorer, select “Type” of the “General” tab in the hard disk properties window displayed in [File] - [Properties], and the hard disk displayed as “Local Disk” here can be detected.
In order to perform warning and execution prohibition of the start of executable file, it is required to specify the software operation status collection to “Yes” in the collection conditions of client policy. In addition, when the executable file can be detected only, this setting is not required.
Please check in the Main Menu about whether the software operation status collection has been set.
[Settings of Collected Items] of [Environment Setup] - [Policy Group Management] - [Customize Various Policies] - [Basic Operation Policy] tab - [Inventory Information] tab of the Main Menu. |
When information in “2.5.1.1 Set Executable File and Message” and “2.5.1.2 Set the Collection of Software Operation Status ” mentioned above is set to CT when the client policy is applied.
The client policy is applied according to the schedule set in the Main Menu. For schedule, please confirm in the Main Menu.
[Settings of Collection Schedule] of [Environment Setup] - [Policy Group Management] - [Customize Various Policies] - [Basic Operation Policy] tab - [Inventory Information] tab of the Main Menu |
The setting of “2.5.1.1 Set Executable File and Message” and “2.5.1.2 Set the Collection of Software Operation Status ” mentioned above will be effective when log on to the PC again after the client policy has been applied to CT.
Please log on to each PC again at the timing when operation starts.
