Policies

PMC functions on a role-based access control (RBAC) system, where the role assigned to a user dictates what features this user has access to. A standard user must have sufficient permissions to access the Policies page and options. For more information, see Role Based Access Control.

The Policies page allows you to see and interact with the policies being deployed by PMC.

To access the Policies page, on the sidebar menu, select Policies.

The policies page allows you to interact with the policies being deployed.

You can perform the following tasks on the Policy page:

  • Create a policy
  • Open a policy
  • View the policy details
  • Edit and lock a policy
  • Edit the policy properties
  • Assign a policy to a computer group
  • Download the latest revision
  • Upload a policy revision
  • Revert and discard changes to a policy
  • Delete a policy

Choose Policies Columns to Display

Choosing the columns to display image

You can choose which columns to display in the grid.

To select which columns to display, at the top-right of the grid, click the Choose Columns to Display icon and select one or more columns to display.

The columns appear from left to right in the grid, in the order that you select them.

The following columns can be displayed:

  • Name: The policy name. Click to access the Policy Editor for this policy.
  • Locked By: Which user the policy has been locked by.
  • Created: The date and time when the policy was created.
  • Total Assigned: The number of groups the policy is assigned to.
  • Size: The size of the policy.
  • Revisions: The number of revisions that have been made to the policy.
  • Users: The number of users that can access this policy, by user roles. Click to view the list.
  • Period Locked: How long since the policy was last locked.

 

Upload a File in PMC to Create Policy

You can upload an XML policy file in PMC when you first create the policy, or make edits to the policy at a later time.

To upload an XML file for a new policy:

Select Import Policy to upload an XML policy file.

  1. On the sidebar menu, click Policies.
  2. At the top of the Policies grid, click Create Policy.
  3. Select the desired policy template and enter policy details.
  4. Click Create Policy.
  5. Select Utilities > Import Policy.
  6. Choose either Merge Policy or Overwrite Policy and click the box to import your XML policy. You can also drop the file to upload in the box.
  7. Click Upload File.

To upload an XML file for an existing policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to edit, click the vertical ellipsis icon, and then select Edit Policy.
  3. Select Utilities > Import Policy.
  4. Choose either Merge Policy or Overwrite Policy and click the box to import your XML policy. You can also drop the file to upload in the box.
  5. Click Upload File.

Upload a Policy Revision

You can upload a new revision of an existing policy. Policies downloaded from PMC, modified and then reuploaded are recognized as a new revision based on a unique identifier in the XML.

To upload a new revision of an existing policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to edit, click the vertical ellipsis icon, and then select Revision History.
  3. Click Upload Revision. Browse to the XML file and click Open. The XML file is uploaded to the portal.
  4. The new revision is uploaded, provided the XML validation passes. If the XML policy does not pass validation, the row is highlighted in red, and the policy is not uploaded.
  5. On the Auto Assign Policy to Groups dialog box, select the groups to update with the new policy revision.
  6. Select Apply to Groups.

Each time the same policy is checked in, the revision of the policy is incremented.

View Policy

You can view the contents of a policy in read-only mode.

To view a policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to view, click the vertical ellipsis icon, and then select View Policy. You can also just click on the policy name.
  3. When done viewing the policy information, in the Read Only box at the top center of the page, click the Policy List link to return to the Policies page.
  4. If you want to edit a policy, proceed as described in Edit a Policy.

Download Latest Policy Revision

You can download the latest revision of a policy from PMC in XML format if required.

To download the latest policy revision as an XML file:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to edit, click the vertical ellipsis icon, and select Download Latest Revision.

If you want to download a previous revision version, select Revision History from the dropdown menu.

Assign a Policy to a Group

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to assign, click the vertical ellipsis icon, and then select Assign Policy to a Group.
  3. In the Assign Policy to a Group panel, use the dropdown list to select the revision for the policy you want to assign, and then select the group.
  4. Click Assign Policy.

You should see a green dialog box appear at the bottom middle of the console to confirm that the policy was applied successfully.

Discard Policy Draft and Undo Check Out in MMC Snap-in

If a policy is checked out using the Privilege Management MMC snap-in, you can force PMC to discard the changes and undo the checkout. You must be an Administrator or Policy Administrator.

To discard draft and undo checkout of a policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to edit, click the vertical ellipsis icon, and then select Revert & Discard Changes.
  3. Review the warning and click Revert & Discard to revert the policy changes; otherwise, click Cancel.

Promote a Policy

If you change a policy and you want to discard those changes, you can promote a previous version of the policy.

Promote policy menu item in PM Cloud

To promote a previous version of a policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to edit, click the vertical ellipsis icon, and then select View Policy Details.
  3. In the Policy Details panel on the left, click Revisions.
  4. To the right of the policy you want to promote, click the vertical ellipsis icon, and then select Promote to Latest Revision.

 

  1. On the Promote Policy to Latest Revision dialog box, you can add notes for future reference.
  2. If the policy is already applied to certain groups, you can choose to apply the latest revision now by checking the Yes, auto assign latest revision to group(s) box.

 

To auto-assign a policy revision to one or more groups, you must be an administrator user or a standard user with permissions to all the groups that are affected by the policy. If you have insufficient access permissions, the auto-assign policy feature will not be accessible.

  1. Click Promote to Latest.

For more information on roles and permissions, see Role Based Access Control.

Delete a Policy

You can only delete policies if they are unlocked.

If a policy is locked, the Delete button is not available for use. The policy must be unlocked first.

To delete an unassigned policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to delete, click the vertical ellipsis icon, and then select Delete.
  3. You are prompted to check that you do want to perform this action. To confirm and discard the policy, click Delete Policy; otherwise, click Cancel.

To delete an assigned policy:

  1. On the sidebar menu, click Policies.
  2. To the right of the policy you want to delete, click the vertical ellipsis icon, and then select Delete.
  3. The Policy Deletion Warning dialog box appears, indicating that this policy is assigned to one or more groups. You have two options:
    • Select a different policy and revision to assign to the group(s), and then click Confirm.
    • Click Confirm without assigning any policy. The group or groups are no longer policy controlled.