Audit-On-Connect

6. Check the Policy is kept up to date with Policy File Library box if you want to regularly update the SIF files in this policy using the policy file library available online.

This option is available only if the server can access a Policy File Library.

7. If you want the policy to be available to use in audits, check the Make this policy active box.

Clear the check box to make the policy unavailable to use in audits without deleting the policy.

8. If you want the policy to be available to use in self-service audits, check the Available for use in self-service audits box.

9. For Audit-On-Connect, include the Link Type, Device Type, Posture Condition, Pass Results Valid For and Fail Results Valid For settings.

10. Set Windows Group Access. Enter the Windows groups, separated by commas, that can use this policy, remediate audit results generated using this policy, and view audit results for it. This establishes which users can access this policy and its audit results based on their role. If a Windows User Group isn't on the local computer, you'll need to enter the group in domain\groupname format.

In the Use Policy field, enter the Windows groups who should be able to modify the policy.

In the Remediate field, enter the Windows groups who should be able to remediate audit results generated using this policy.

In the View Audit Results field, enter the Windows groups who should be able to view results from audits using the policy.

To grant all users access, type Everyone. To restrict all users, type None.

11. Click Update to revise the Policy settings in the database.

Any Audit-on-Connect or Audit-on-Schedule audits that are already based on this policy use the new policy settings the next time they run.

Deleting Policies

Click the Delete hyperlink for the policy that you want to remove. When you delete a policy, you remove it from the database. A warning appears to remind you that you are about to delete a record from the database. Cancel the action or delete the record.

Configuring with Run-Time Policy Variables

Some policy files, such as the NSA Guidelines for Windows XP and Windows 2000, contain a special rule named .CONFIGURE. The .CONFIGURE rule allows you to configure your policy files and set global parameters for policy files at run time.

Certain information is unique to individual systems or groups of systems. A run-time policy variable lets administrators use a single policy file while still identifying the unique rules that require variable information. When a policy file uses a variable, your organization can use one policy file for multiple conditions where variables differ between departments or Machine Lists. For example, a variable might rename administrator accounts, change the members of an administrator account, or define the groups to which certain policies apply.

To understand the run-time policy variable, note the following settings in the NSA Guidelines for Windows XP and Windows 2000:

Symantec Security Expressions Server manual Deleting Policies, Configuring with Run-Time Policy Variables