The Secure Workstation policy specifies how Secure Workstation behaves.
The Local policy
The Network policy
The Effective policy
The Local policy is stored under an ACL-protected registry key on the workstation.
The Network policy is stored in eDirectory and delivered to the workstation using the NMAS Post-Login Method. For more information, see Installing the NMAS Server Methods
in the Novell SecureLogin 6.1 SP1 Administration Guide.
The Effective policy is created by combining the Local policy with the Network policy.
Secure Workstation always enforces the Effective policy.
Secure Workstation reads the Local policy each time a user logs in to Windows. As long as the Novell Secure Workstation Service is running, the Local policy will be in effect during each user's Windows session.
When a user logs in to the network using the Secure Workstation Post-Login Method for NMAS, the post-login method sends the Network policy to the Novell Secure Workstation Service. The service reads the Local policy and combines it with the Network policy to create the Effective policy. The Effective policy consists of the most secure settings from the Local policy and the Network policy.
To see details about the policy that Secure Workstation is currently enforcing, click , in the Secure Workstation’s main dialog box. If you have already started the Novell Secure Workstation service, it might not have an effective policy yet. If so, you get an error message when you click . The service creates an Effective policy only when the user logs in to Windows, or when a user logs in using the Post-Login Method for NMAS.
The priority between the Local Policy and Network Policy depends on the action executed in the policy. For example, if the Local Policy is set to and the Network Policy is set to , the Effective Policy considers both these events and enforces the most secure settings of the Local and Network policy.
If a user logs in to Windows but does not use the post-login method, the service creates the Effective policy by making a copy of the Local policy.
When upgrading or uninstalling Novell SecureLogin, ensure that the Secure Workstation policies are configured in such a manner that they do not terminate the Novell SecureLogin installation.