Top
Systemwalker Desktop Keeper User's Guide for Administrator
FUJITSU Software

2.1.2 How to Apply Policy

Timing for Policy Update

The timing for policy updates is as follows:

Point

About Automatic Policy Acquisition Function

The Automatic Policy Acquisition function is to obtain policy once every day when the client (CT) is installed on a PC that is always running (Example: file server). CT policy and user policy are obtained between 00:30 and 01:30 every day (if policies cannot be obtained during the time because the client (CT) was in sleep mode, for example, then policies will be obtained when it becomes possible).

In a situation where the client (CT) and Management Server are offline, and a user to whom the user policy is set is logged on, the user policy previously applied to the CT will be applied. For the CT to which the user policy of the logged-on user has never been applied, the CT policy will be applied.

Policy Change

The situation determines which policy will be valid for which operation that is performed by the system administrator (department administrator), client (CT), and smart device (agent) user.
This Department describes the relationship between operation content and valid policy.

To confirm the set policies, start the Management Console.
After the CT group to which the client (CT) and smart device (agent) to be confirmed belong has been selected in the CT group tree, if the client (CT) and smart device (agent) are selected from the CT list, the CT policy will be displayed in the policy list.
Select the User Policy Settings from the User Settings menu. After the user group to which the user expected to be confirmed belongs has been selected from in the displayed window, if a user is selected from the user list, the user policy will be displayed in the policy list.

Relationship between CT Group Policy and CT Policy
  1. Create a group.

    The value of terminal initial settings is set as the group policy.

    But in case of a 3-layer system structure, when creating a CT group in the subordinate Management Server under the Master Management Server by connecting to the Master Management Server, the policy that has been set in the Master Management Server will be set for this CT group.

  2. Modify the group policy as needed.

    The group policy will be modified as follows:

    • Modify the group policy of "CT Group 3" from "Terminal Initial Settings Value" to "Policy A".

  3. After the CT is installed and the client (CT) has communicated with the Management Server, the terminal initial settings value will be set as CT policy.

  4. Move the client (CT) to each group.

    In the CT policy of the client (CT) that is directly moved out from the Root directory, the value of terminal initial settings is set.
    In the policy of the client (CT) for which "Apply Group Policy" check box is selected, the group policy of moving destination will be set.

  5. Create a sub-group.

    In the group policy of the created sub-group, the group policy of the upper class group will be set.

    In addition, the modified CT policy of "CT1-2" from "Terminal Initial Settings Value" to "Policy B".

  6. Move a CT.

  7. Move a CT group.

    After a CT group is moved, the subordinate CTs will be moved at the same time.
    The moved CT group and CT policy will not be modified. It is still the policy before moving.

  8. After the "Apply Group Policy" check box has been selected, even if the policy of the CT exists under the Root directly is updated immediately, CT policy will still be applied. The settings of "Apply Group Policy" will be invalid.

Relationship between User Group Policy and User Policy

The relationship between user group policy and user policy is the same as the change of policy described in "Relationship between CT Group Policy and CT Policy".

Client (CT) Operation and Valid Policy

This Department describes the policy that become valid during the client (CT) operation when CT policy and user policy are used at the same time. (The user policy will not be applied to the smart device (agent).)

The application of user policy is judged by the result of confirming whether the user information (user name) has been registered in the Master Management Server or Management Server, based on the user name that is input when logging on to Windows.
In this case, it has nothing to do with domain authentication status and confirmation is performed only according to the user name that is input when logging on to Windows. Therefore, even for the user name without domain authentication, if it is in accordance with the user information (user name) registered in the Master Management Server or Management Server, the user policy of this user information (user name) will be applied.

Select three users out of the five from "User (1) to User (5)" to register to the Management Server.
After the user is registered, set the user policy of "User (1)" to "User (3)" as follows:

User Name

User Policy

User (1)

Policy X

User (2)

Policy Y

User (3)

Policy Z

User (4) and User (5) are not registered.

When the client (CT) and Management Server are always online

  1. Start the client (CT).

    After starting the service of Systemwalker Desktop Keeper, CT policy will take effect. (For the interval from PC startup to the startup of Systemwalker Desktop Keeper service, the settings of CT policy will become invalid.)

  2. User (2) logs on to the client (CT).

  3. User policy (Policy Y) takes effect.
    It will take 2 to 3 minutes from the logon to Windows until the user policy is applied. CT policy will be valid before the user policy is applied. User (2) will be logged off.

    CT policy will take effect.

  4. User (3) logs on to the client (CT).

    User policy (Policy Z) will take effect.

    a) In the User Policy Settings window, after setting Not Using User Policy for User (3), the system administrator (department administrator) will click the Update button.

    b) Then for the client (CT) to which the User (3) logs on, click Update Immediately in the CT policy settings window after the Management Console has been started.
    CT policy is updated immediately.

    c) In the User Policy Settings window, after canceling the settings of Do not Apply User Policy for User (3), the system administrator (department administrator) will click the Update button.

    d) Then for the client (CT) to which the User (3) logs on, click Update Immediately in the CT policy settings window after the Management Console has been started.
    User policy (Policy Z) is updated immediately.

  5. User (3) will logoff.

    CT policy will take effect.

  6. User (4) logs on to the client (CT).

    CT policy will be valid.

    When the user that has not been registered has logged on, operate with CT policy.

  7. User (4) will logoff.

    CT policy will be valid.

When the client (CT) and Management Server are not always online

  1. Start the client (CT) when it is offline.

    After the service of Systemwalker Desktop Keeper has been started, CT policy will take effect. (For the interval from PC startup to the startup of Systemwalker Desktop Keeper service, the settings of CT policy will become invalid.)

  2. User (2) logs on to the client (CT).

    As the client (CT) cannot get user information from Management Server when it is offline, CT policy will take effect.

    When it becomes online during the logon process, user policy (Policy Y) will take effect. It will be 2 to 3 minutes from offline till the user policy is applied.

  3. User (2) will logoff.

    CT policy will take effect.

  4. User (3) logons to the client (CT).

    User policy (Policy Z) will take effect.

    When it becomes offline during the logon process, the user policy will still be valid.

  5. User (3) will logoff.

    CT policy will take effect.