locked
Multiple policies for one server? RRS feed

  • Question

  • Hello,

    I put in place a serie of exclusions by creating a Policies in the FCS Console for each of these groups of machines within the SCOM Environment:

    SQL Database Servers:
    These include the SQL Server database files used by Operations Manager components as well as system database files for the master database and tempdb.  To exclude these by directory, exclude the directory for the LDF and MDF files:

    MOM 2005 (management servers and agents):
    These include the queue and log files used by Operations Manager.

    OpsMgr 2007 (management servers and agents):
    These include the queue and log files used by Operations Manager.

    Exclusion of File Type by Extensions:
    Real-time, scheduled scanner and local scanner file extension specific exclusions for Operations Manager: 

    SQL Database Servers:
    These include the SQL Server database files used by Operations Manager components as well as system database files for the master database and tempdb. 

    MOM 2005 (management servers and agents):
    These include the queue and log files used by Operations Manager.

    OpsMgr 2007 (management servers and agents):
    These include the queue and log files used by Operations Manager.

    but it seems Forefront Client Security can apply only one policy per group...

    Which means for the DW which has Application and SQL Application overwrite the SQL Polciy and I had only one applied... any tricks?

    the RMS is SQL, Application and Console so it has three policies!!!

    Anyway to apply several policies without overwritting the previous one?


    Thanks,
    Dom



    System Center Operations Manager 2007 / System Center Configuration Manager 2007 R2 / Forefront Client Security / Forefront Identity Manager
    Monday, August 1, 2011 4:44 AM

Answers

  • Hi Dom,

    Thank you for your post.

    but it seems Forefront Client Security can apply only one policy per group...
    It is caused by design, FCS each client computer can have only one Client Security policy applied to it.

    Anyway to apply several policies without overwriting the previous one?
    The only way is that merge policies to one policy manually and deploy it to groups or OU. It's ok that FCS clients scan option exclude SQL database file though SQL Server is not installed.
     
    If there are more inquiries on this issue, please feel free to let us know.


    Regards,
    Rick Tan
    • Marked as answer by Felyjos Tuesday, August 2, 2011 1:46 PM
    Tuesday, August 2, 2011 7:10 AM