Policy and Computer Settings

The Policy and Computer Settings section is where you can manage automatic policy deployment, computer deactivation, and computer deduplication.

Policy Deployment

On this page, you can choose to automatically deploy a policy to computers, or manually deploy a policy to computers.

To turn on automatic policy deployment:

  1. Select Configuration from the sidebar menu.
  2. Under Settings, click Policy & Computer Settings.
  3. Click the Automatically deploy policy to computers radio button.

Computer Deactivation Settings

This page allows you to choose whether you want to deactivate computers that have not contacted PMC for a number of days that you define, when you enable the functionality. For example, a computer might not have contacted PMC if it's a duplicate.

The task to deactivate computers runs every day at 02:30 server time on the node where the job service is running. The deactivation job is audited in the Activity Log. You can filter by deactivated computers in the Computers grid.

To set auto deactivation on computers, select Automatically deactivate inactive computers. Enter the number of days that pass before the computer will be deactivated.

Deactivated computers are disconnected from PMC and are no longer able to communicate with PMC. This action can't be reversed unless you reinstall the software on the client computer.

 

With the release of PMC version 20.1, auto deactivate functionality is turned off by default, for both upgrades and new installations. If you want to turn on auto deactivate functionality, use the Computer Deactivation setting. The functionality remains unchanged.

You can also manually deactivate computers.

For more information, please see the following:

You can view a list of deactivated computers from the Computers grid by filtering by the Deactivated status.

Computer Deletion

You can automatically delete deactivated computers.

To set the time frame:

  1. Select Configuration from the sidebar menu.
  2. Under Settings, click Policy & Computer Settings.
  3. Go to the Computer Deletion section.
  4. Click the Automatically Delete Deactived Computers toggle.
  5. Enter a value between 1–365. This is the number of days the computer is in a deactivated status. The computer is deleted after the set number of days pass.
  6. Click Save Changes.

Computer Deduplication Settings

A computer duplicate is one that has the same host name as another computer but has not connected to the Privilege Management Console as recently. Auto deduplication is turned off by default.

To turn on deduplication:

  1. Select Configuration from the sidebar menu.
  2. Under Settings, click Policy & Computer Settings.
  3. Click the Auto Deduplication of Computers toggle. The deduplication job runs nightly and detects duplicate computers.
  4. Click Save Changes.

When deduplication is turned on and duplicate computers are detected, the status is provided on this page.

Duplicate computers detected in PMC

  • Click View Duplicates to display the computers on the Computers page filtered by Total Duplicates.
  • Click Delete Duplicates to remove any duplicates detected. The computers are no longer displayed on the Computers page.