The Local Policy Editor
The Local Policy Editor provides an easy way to edit the Local policy. To access the Editor, click Start > Programs > Novell SecureLogin > Secure Workstation Policy Editor.
The following figure illustrates the Local Policy Editor's main dialog box:
By default the Local policy is inactive, and most of the controls on the dialog box are inactive. To activate the Local policy (and all of the controls on the dialog box), check the Activate Local Workstation Policy check box.
The Secure Workstation Policy enables you to specify the lock events that Secure Workstation should watch for, and what action should be taken when an event occurs. The Events list box displays a list of lock events.
You can edit settings for a specific event by selecting the event in the list box and clicking Edit Event. A dialog box is displayed with settings for the event you select. As the following figure illustrates for the Inactivity Timeout event, the dialog box for each event contains an Activate check box.
Secure Workstation ignores the event unless this box is checked.
As the following figure illustrates, the Lock Actions group box for each event contains the following:
- A drop-down list for selecting a Default Action
- A drop-down list for selecting an Action for Terminal Services Clients
The Default Action list contains the following items:
- Log Out of the Workstation
Logs the user out of Windows.
- Log Out of the Network
Logs the user out of either Client32TM or the LDAP Authentication Client, depending on which one has been installed.
- Close All Programs
Closes a set of programs specified in the Advanced section of the policy.
- Close All Programs and Log Out of the Network
- Lock the Workstation
Causes the same result as pressing Ctrl+Alt+Del, then selecting Lock Workstation.
The Action for Terminal Services Clients list contains the following items:
- Log Out of the Workstation
- Log Out of the Network
- Close All Programs
- Close All Programs and Log Out of the Network
- Disconnect the Session
Disconnects a remote terminal services session.
When a lock event is triggered, Secure Workstation takes the action associated with that event. Secure Workstation uses the default action unless the user's session is being served to a remote workstation using either Citrix* or Windows Terminal Services. Secure Workstation refers to these as Remote Sessions.
NOTE: For SecureLogin 3.51.2, detection of removed devices for remote sessions hasn't been implemented. Detection of removed devices works from the console but not for Citrix or Terminal Services clients.
To see details about the policy that Secure Workstation is currently enforcing, click View Effective Policy, found on Secure Workstation's main dialog box. For information about the Effective policy, see Understanding Secure Workstation Policies.
If you have recently started the Novell Secure Workstation service, it might not have an Effective policy yet. If so, you will get an error message when you click View Effective Policy. The service creates an Effective policy only when the user logs in to Windows, or when a user logs in using the Post-Login Method for NMAS.
NOTE: If you are running the Local Policy Editor on a Terminal Server, the policy editor shows the Effective policy for the session that it is running in.