Hey all,
I was hoping someone could clear something up for me regarding mobile user policies. I have a group set up with all of my laptops in it. I have set up a policy as a mobile user policy. This group as several differences from my main policy (Update looks at KAV servers, Anti-Dialer settings, etc). I set up local scans and updates for when they are not in the office connected to our network. I have checked and the updates and scans run with no issues.
However, there are two things that are confusing. First, when I deploy KAV, the policy settings do not change on the laptop. I always have to go in and manually turn things off, add dialer settings, etc. It is like all laptops are using local policy settings even when connected to the network. Second, since they are using local settings, they have complete control to disable anytime they want. I understand that a network policy will not work when they are not on the network but should it take the policy settings when they reconnect? I had someone yesterday who was able to disable KAV while she was on our network. Also, when we set up a new laptop I would love for the policy to change the settings instead of having to manually do this every time.
FYI, the policy settings are set to "Modify all policy settings to the local settings at first policy application."
Thanks.
Full Version: Mobile user policy
Do you have an active policy for the mobile clients too?
The mobile policy will be active when the client cannot connect to the admin kit.
Additional you should create a policy for network agent. This can be placed in the main group and will be inherited to all groups.
You can set a password under service. Then the user cannot make any changes without this password.
The mobile policy will be active when the client cannot connect to the admin kit.
Additional you should create a policy for network agent. This can be placed in the main group and will be inherited to all groups.
You can set a password under service. Then the user cannot make any changes without this password.
QUOTE(Helmut @ 7.08.2009 09:32) 
Do you have an active policy for the mobile clients too?
The mobile policy will be active when the client cannot connect to the admin kit.
Additional you should create a policy for network agent. This can be placed in the main group and will be inherited to all groups.
You can set a password under service. Then the user cannot make any changes without this password.
The mobile policy will be active when the client cannot connect to the admin kit.
Additional you should create a policy for network agent. This can be placed in the main group and will be inherited to all groups.
You can set a password under service. Then the user cannot make any changes without this password.
Thanks for the reply Helmut.
I have a network agent policy applied to all groups with a password set. I have not created an active user policy though. I didn't even think about running two policies in the same group. I just set up the second policy and it looks good.
Thanks again.
You must set a password protection in active and mobile policy too.
QUOTE(Helmut @ 7.08.2009 09:58)
You must set a password protection in active and mobile policy too.
I copied one my existing active policies and just changed a few things to fit my laptop users. All passwords have been set.
Thanks a lot.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.