Agent configuration policy overview

Agent configuration policies let you control general Connected Agent behavior by specifying default values for Agent preference settings. The following list describes the key concepts of Agent configuration policies.

Policy components

Each agent configuration policy contains the following components:

General details. Policy name, policy scope (corporate or group level), and description.
Agent preferences. The policy lets you customize these items:
- Desktop notifications. Change which desktop notifications the Agent displays.
- Agent startup. Configure whether the Agent starts automatically when users log on to their computer.
- Agent scans. Delay the scan that occurs when the Agent starts for up to 60 minutes. This setting affects only Agent version 4.11 or later.
- Hide Menu Options. Configure to hide Exit and Access web console menu options in Agent.
- Service Operations. Allow Connected Agent to backup or restore assets in context of Windows service level. Select the Allow Service Operations on Windows option to enable this rule.
  
  This is applicable only for Windows Connected Agent 25.2 or later.
  CAUTION: In a multi-user windows environment, a user with web access will be able to view backed up files of other Windows users on Connected Web Application even when Windows prohibits such access. It is recommended to disable below rules from Backup Policy applying to the group where the intended user is part of:
  - Allow users to view files in their backup sets
  - Allow users to download files from their backup sets
  For example,
  - Scenario 1: In a multi-user Windows environment with user A and user B having Connected Agent installed under user A’s context which has Allow Service Operations on Windows enabled. In such a scenario, post backup, Connected Agent user A will be able to see both user A and user B data on the Web Application.
  - Scenario 2: In a multi-user Windows environment with user A and user B having Connected Agent installed under user A’s context which has Allow Service Operations on Windows enabled. After some backups, if Allow Service Operations option is disabled for user A, then after Connected user A performs regular backups, will still be able to see the files of user B on the Web Application.
  In such scenarios, as described above, it is recommended to disable Allow users to view files in their backup sets and Allow users to download files from their backup sets rules from Backup Policy applying to the group where the intended user is part of.

Default Agent preferences

Agents use the following preference settings when not controlled by policy:

Desktop notifications. Agents display status, warning, and error notifications.
Agent startup. Agents start automatically on computer startup.
Agent scan. Agents start scanning immediately after they start.

Ability to lock policy components

You can lock this policy's components to prevent users or other policies from overriding them:

Users can override unlocked settings through their Agent's preference settings.
Group-specific policy settings override unlocked settings in the following:
- Corporate-level policy
- Policies assigned to the group's direct ancestors

Policy status

When you create a Agent configuration policy, you can either publish it or save it as a draft. Published policies take effect immediately. The Policies page identifies the status of Agent configuration policies using these icons:

Unpublished draft
Published draft

Policies with a draft in progress include the qualifier:

Contact

Send documentation feedback

To send feedback using your default email client, open an email window.

Otherwise, send your feedback and the information below to Connected.DocFeedback@microfocus.com.

We appreciate your feedback!

Product: Connected 25.2

Topic Title: Agent configuration policy overview

Submit service request

View service requests

For support, contact your Connected administrator.

Policy components	Each agent configuration policy contains the following components: General details. Policy name, policy scope (corporate or group level), and description. Agent preferences. The policy lets you customize these items: Desktop notifications. Change which desktop notifications the Agent displays. Agent startup. Configure whether the Agent starts automatically when users log on to their computer. Agent scans. Delay the scan that occurs when the Agent starts for up to 60 minutes. This setting affects only Agent version 4.11 or later. Hide Menu Options. Configure to hide Exit and Access web console menu options in Agent. Service Operations. Allow Connected Agent to backup or restore assets in context of Windows service level. Select the Allow Service Operations on Windows option to enable this rule. This is applicable only for Windows Connected Agent 25.2 or later. CAUTION: In a multi-user windows environment, a user with web access will be able to view backed up files of other Windows users on Connected Web Application even when Windows prohibits such access. It is recommended to disable below rules from Backup Policy applying to the group where the intended user is part of: Allow users to view files in their backup sets Allow users to download files from their backup sets For example, Scenario 1: In a multi-user Windows environment with user A and user B having Connected Agent installed under user A’s context which has Allow Service Operations on Windows enabled. In such a scenario, post backup, Connected Agent user A will be able to see both user A and user B data on the Web Application. Scenario 2: In a multi-user Windows environment with user A and user B having Connected Agent installed under user A’s context which has Allow Service Operations on Windows enabled. After some backups, if Allow Service Operations option is disabled for user A, then after Connected user A performs regular backups, will still be able to see the files of user B on the Web Application. In such scenarios, as described above, it is recommended to disable Allow users to view files in their backup sets and Allow users to download files from their backup sets rules from Backup Policy applying to the group where the intended user is part of.
Default Agent preferences	Agents use the following preference settings when not controlled by policy: Desktop notifications. Agents display status, warning, and error notifications. Agent startup. Agents start automatically on computer startup. Agent scan. Agents start scanning immediately after they start.
Ability to lock policy components	You can lock this policy's components to prevent users or other policies from overriding them: Users can override unlocked settings through their Agent's preference settings. Group-specific policy settings override unlocked settings in the following: Corporate-level policy Policies assigned to the group's direct ancestors
Policy status	When you create a Agent configuration policy, you can either publish it or save it as a draft. Published policies take effect immediately. The Policies page identifies the status of Agent configuration policies using these icons: Unpublished draft Published draft Policies with a draft in progress include the qualifier: