Privilege Management Settings

You can right-click on the Privilege Management Settings node to access the following commands.

You can click Tools in the right-hand panel to access the Response Code Generator.

By default, Auto Commit Settings is selected. This means any changes made here are saved and applied using Group Policy. Alternatively, you can clear Auto Commit Settings and select Commit Settings when you specifically want those settings to apply.

For more information, please see Privilege Management for Mac Response Code Generator.

The following options are also available:

Create

Creates a new Privilege Management for Mac policy. This will delete any existing policy for all operating systems. If you have an existing policy, you are prompted to remove all existing settings when you click Create. Click Yes to delete your existing policy and create a new one or No to keep your existing policy.

Delete

Deletes your existing Privilege Management for Mac policy. You are prompted to remove all existing settings when you click Delete. Click Yes to delete your existing policy or No to keep your existing policy.

Delete Items and Conflict Resolution

Some items within Privilege Management Settings are referenced in other areas, such as Application Groups and Messages. These items can be deleted at any time, and if they are not referenced elsewhere, they delete without any further action required.

When an item is deleted, Privilege Management Policy Editor will check for any conflicts which may need to be resolved. If the item you attempt to delete is already in use elsewhere in your settings, then a conflict will be reported and must be resolved.

You can review each detected conflict and observe the automatic resolution which will take place if you proceed. If more than one conflict is reported, use the Next conflict and Previous conflict links to move between conflicts.

If you want to proceed, click Resolve All to remove the item from the areas of your Privilege Management Settings where it is currently in use.

Export

Privilege Management for Mac policies can be imported to and exported from Group Policy as .XML files, in a format common to other editions of Privilege Management, such as the Privilege Management ePO Extension. This allows for policies to be migrated and shared between different deployment mechanisms.

To export a policy, click Export and give the file a name. Click Save.

Import

Privilege Management for Mac policies can be imported to and exported from Group Policy as .XML files, in a format common to other editions of Privilege Management, such as the Privilege Management ePO Extension. This allows for policies to be migrated and shared between different deployment mechanisms.

To import a policy, click Import, navigate to the policy XML you want to import, and click Open.

Import Template

Allows you to import template policies.

For more information, please see Templates.

Digitally Sign

You can digitally sign the Privilege Management for Mac settings. Privilege Management for Mac can audit the loading of any valid policy.

Save Report

You can obtain a report of your Windows policy which can be saved locally, if required.

Set Challenge/Response Shared Key

This allows you to set the Challenge/Response Shared Key for the policy. This is encrypted once you have set it. This key is then required by the challenge/response generator to generate response codes. The only way to change the Challenge/Response Shared Key is by setting a new one.

Show Hidden Groups

You can show or hide Application Groups in Privilege Management for Mac.

To show groups that have been hidden by default, right-click on the Privilege Management Settings node and select Show Hidden Groups. You can hide the groups again by clearing Show Hidden Groups.

View

This allows you to view the Workstyles Editor (default).

You can review each detected conflict and observe the automatic resolution which will take place if you proceed. If more than one conflict is reported, use the Next conflict and Previous conflict links to move between conflicts.

If you want to proceed, click Resolve All to remove the item from the areas of your Privilege Management Settings where it is currently in use.

License

Privilege Management for Mac requires a valid license code to be entered in the Privilege Management Policy Editor. If multiple Privilege Management for Mac policies are applied to an endpoint, you need at least one valid license code for one of those policies.

For example, you could add the Privilege Management for Mac license to a Privilege Management for Mac policy that is applied to all managed endpoints, even if it doesn't have any Workstyles. This ensures all endpoints receive a valid Privilege Management license if they have Privilege Management for Mac installed. If you are unsure, then we recommend you add a valid license when you create the Privilege Management for Mac policy.

  1. Click No License. Click to enter a license code to enter a license if one doesn't already exist, or Valid License if you want to enter an additional license code.
  2. Paste your Privilege Management for Mac license code and click Add. The license details are shown.