This document shows how to remove older policy versions that are no longer needed. You can do this with the dmsmgr utility.
Guidance
Here is a policy created with 5 versions.
AC> list policy
(DMS__@localhost)
CATest#01
CATest#02
CATest#03
CATest#04
CATest#05
The command to use has the following syntax:
dmsmgr -cleanup -policy <policy name> -vcount <number of versions to keep> {-dms|dh} <DMS/DH name>
To keep only the last two versions of policy “CATest” the command to use would be the following:
C:\Users\Administrator>dmsmgr -cleanup -policy "CATest" -vcount 2 -dms DMS__
CA Access Control dmsmgr v12.61.1468 - dmsmgr utility
Copyright (c) 2010 CA. All rights reserved.
Successfully removed policy: CATest#01.
Successfully removed policy: CATest#02.
Successfully removed policy: CATest#03.
Operation completed successfully
Verified the removal:
AC> list policy
(DMS__@localhost)
CATest#04
CATest#05
Besides old policies one might be interested in removing old deployment information. This is something that should be done a few times a year to keep the DMS/DH clean and tidy.
The following example will remove all DEPLOYMENT objects from the database that are older than 30 days:
dmsmgr -cleanup -deployment -days 30 -dms DMS__@
dmsmgr -cleanup -deployment -days 30 -dh DH__@
There might be a problem if Deployment Audit contains information that is needed for auditing purposes. But this is a very rare case which so far has never happened
Please be aware that that the dmsmgr –cleanup –policy does not remove the RULESET objects – just the POLICY objects.
AC> list ruleset
(DMS__@localhost)
CATest#01
CATest#02
CATest#03
CATest#04
CATest#05
The RULESET objects may be removed as follows:
AC> rr ruleset CATest#03 noexit
(DMS__@localhost)
Successfully deleted RULESET CATest#03
AC> rr ruleset CATest#02 noexit
(DMS__@localhost)
Successfully deleted RULESET CATest#02
AC> rr ruleset CATest#01 noexit
(DMS__@localhost)
Successfully deleted RULESET CATest#01