locked
UAG 2010 SP1 - Default Settings "Privileged Endpoint Policy" RRS feed

  • Question

  • Hallo,

    I have a question to the default privileged endpoint policy in UAG 2010 SP1 - how/where can I see which settings/expressions are set in all these default Policies especially in the privileged endpoint policy?

    Regards

    Christian

    Wednesday, August 10, 2011 7:59 AM

Answers

  • Hi Christian,

    the default setting of the "privileged endpoint" policy is set to "False". This setting will cause UAG to never grant the "priviledged access" in a default configuration.

    You will be able to change this behavior through the UAG Policy Management by simply changing the value to "True" (which will grant every user "priviledged access") or you can specify selected policy variables to meet before granting a "priviledged access".

    Example:

    "Any_Anti_Virus And (eGapComponents_CertifiedEndpoint or (eGapComponents_AttachmentWiper_Installed And eGapComponents_AttachmentWiper_Running) or Corporate_Machine)"

    For more information about configuring the "priviledged access" i'd like to recommend reading the following articles...

    http://blogs.technet.com/b/ben/archive/2010/09/03/default-session-vs-privileged-session-vs-privileged-endpoint.aspx

    http://technet.microsoft.com/en-us/library/dd897093.aspx

    -Kai


    • Proposed as answer by Kai Wilke Saturday, August 13, 2011 11:59 PM
    • Marked as answer by Erez Benari Friday, August 26, 2011 10:33 PM
    Wednesday, August 10, 2011 8:57 AM