Symantec Endpoint Encryption Preferred Policy Group Assignment
Article ID: 214037
Updated On:
Products
Issue/Introduction
Symantec Endpoint Encryption has always had the ability to manage clients in its own Policy Groups. In this way, individual machines can be part of different group policies, such as if Autologon is assigned to one group, and not another.
Prior to 11.3.1, the SEE Client would always default to the "SEE Unassigned" group, which is the default group. If you have custom groups, once the SEE client checks in with the SEE Management Server, you would then need to move the machine manually to another group.
SEE 11.3.1 and above now has the ability to create a SEE Client, and have them assigned automatically once they check in with the Management Server.
Resolution
When you go to the SEE Client creation wizard, make note of the field "Preferred Policy Group":
In the screenshot above, you can see that "SEE Unassigned" is selected by default, just like it was in previous versions of the software. If you click the drop-down menu, you'll notice you have the ability to select a policy when you create the client:
Each of the groups available correspond to the SEE Native Encryption Policies you have configured previously:
Now if you select one of these custom policies, as soon as the SEE Client checks in with the SEE Management Server, the client will automatically be assigned to the policy you selected and there is no need to move the machines into that group manually.
Important Note on Policy Assignments: If you already have SEE Clients deployed to the environment, and you install a SEE Client with a different Preferred Policy Group, this will not change to the new group. The old group will still apply. In other words, if you have SEE Clients in the "SEE Unassigned" group, they will remain here until you move them manually from the SEE Management Server.
Additional Information
Feedback
