The Local File Rights policy allows you to configure rights for files or folders that exist on the NTFS file systems.
In ZENworks Control Center, click the
tab.In the
list, click , then click to display the Select Policy Type page.Select
, click to display the Define Details page, then fill in the fields:Policy Name: Provide a name for the policy. The policy name must be different than the name of any other item (group, folder, and so forth) that resides in the same folder. The name you provide displays in ZENworks Control Center.
Folder: Type the name or browse to and select the ZENworks Control Center folder where you want the policy to reside. The default is /policies, but you can create additional folders to organize your policies.
Description: Provide a short description of the policy’s content. This description displays in ZENworks Control Center.
Click
to display the Configure Basic Properties page, then use the options on the page to configure the attributes.The following table contains information about configuring a file or folder and the attributes associated with it:
Field |
Details |
---|---|
|
Allows you to specify the complete path of a file or folder on the managed device. You can use the ZENworks system variables or environment variables to specify the path. To configure system variables in ZENworks Control Center, click the tab > the setting in the Management Zone Settings panel > . Click the button for details about configuring system variables. |
|
Allows you to specify the attributes of a file or folder, such as and . |
This page allows you to configure permissions for only one file or folder. If you want to assign permissions to multiple files or folders, then configure them in the Details page after creating the policy.
Click
to display the Configure Permissions page, then use the options on the page to configure permissions for selected users or groups.The following table contains information about configuring permissions:
Field |
Details |
---|---|
|
Allows you to configure permissions for users or groups.
The permissions configured for the user or group in the Dynamic Local User policy takes precedence over the permissions configured in the Local File Rights policy. |
|
Creates a group for which permissions are configured; however the group does not exist on the managed device. With this option, you can create only local groups. |
|
Removes all access control entries for users or groups not configured by the ZENworks Local File Rights policy. Also, updates the existing access control entries for users and groups configured in the policy. After the policy is applied, any manual changes made to the permissions for a user or group configured by the policy are lost when the policy is re-applied. |
|
Select if you want a file or folder to inherit applicable access control rules from its parent object. If you select , inherited rules are removed. If you do not want to make any changes, select on the managed device.At least one attribute, permission, or inheritance setting must be configured to create a policy. Without configuring any settings, you cannot create a policy. |
NOTE:If the
access right is denied for the Administrators or Authenticated Users group, the policy is successful only during the first enforcement. However, if the access right is denied for the Administrators or Authenticated Users group and the option is selected, the policy fails.The unenforcement of the Local File Rights policy from a device fails if the Full Control access right is denied for the Administrators or Authenticated Users group in the policy.
Click
to display the Summary page.Click system requirements, enforcement, status, and which group the policy is a member of.
to create the policy now, or select to specify additional information, such as policy assignment,