Video Screencast Help

Policy compliance status

Created: 14 Oct 2013 | 1 comment

What causes the status to change for a managed software delivery? We have deployed a policy (in this case, one that checks for several versions of Java, removes them, and then installs the latest approved version) that runs at user login. If you check the policy status in the Symantec Management Agent, it shows compliant for a period of time, but if you check again later, on that same machine, without loging out, it has changed to not compliant. 

We are still trying to wrap our heads around the trouble-shooting side of policy managment, so I appologize if these questions that I have been asking are a little... well, dumb.

Also, I posted a question earlier asking about different reported status of polices in the Software Compliance Status report. Still trying to figure out why a tatus of Not Applied is listed for a large number of machines. They definitly would have been rebooted by now, so the policy should have been applied.

So I guess what I am after is how to go about troubleshooting managed software delivery / policy failures.

Operating Systems:

Comments 1 CommentJump to latest comment

Dmitri Dragunov's picture

Hi,

If you change the policy on Notification Server it may cause the status to change for a managed delivery policy on client. As you mentioned that this policy is runs at user login, your client receive changed policy and change the status and will wait untill login event will occure to start the compliance check.

Please try to use "At User login" for the Remediation schedule instead of the Compliance schedule and set Compiance schedule to some repeat.

Your policy will check the Java version on client by Compliance schedule (will not wait untill user login in case if the policy will be changed on NS) but installs the latest approved version for Java on user login which is defined for Remediation schedule.

Regards,

Dmitri