6.Select the Extendable check box.
7.Click Apply.
The user must log out and then log on again for the new JITA setting to be applied.
Disabling a JITA for a user or group
Administrators can disable user or group access to devices using
1.In the left pane of HP ProtectTools Administrative Console, click Device Access Manager, and then click JITA Configuration.
2.From the device’s
3.Select the user or group whose JITA you wish to disable.
4.Clear the Enabled check box.
5.Click Apply.
When the user logs in and attempts to access the device, access is denied.
Advanced Settings
Advanced Settings provides the following functions:
●Management of the Device Administrators group
●Management of drive letters to which Device Access Manager never denies access.
The Device Administrators group is used to exclude trusted users (trusted in terms of device access) from the restrictions imposed by a Device Access Manager policy. Trusted users usually include System Administrators. See Device Administrators group on page 54 for more information.
The Advanced Settings view also enables the administrator to configure a list of drive letters to which Device Access Manager will not restrict access for any user.
NOTE: The Device Access Manager background services must be running when the list of drive letters is configured.
To start these services:
1.Apply a Simple Configuration policy, such as denying all
– or –
Open a command prompt window with Administrator privileges, and then type:
sc start flcdlock
Press enter.
2.When the services are started, the drive list can be edited. Enter the drive letters of devices that you do not want Device Access Manager to control.
The drive letters are displayed for physical hard disks or partitions.
NOTE: Whether or not the system drive (typically C) is in this list, access to it will never be denied for any user.
Advanced Settings 53