deviceTRUST 23.1.410 for Windows and macOS, and 23.1.400 for Ubuntu, iOS and IGEL OS 12 are now available.
×

File-Based Policy Settings

The File-Based Policy Settings defines the behavior of File-Based Policy.

The default behavior is for the deviceTRUST agent to load File-Based Policy located within the deviceTRUST policy folder. This behavior can be customized to only load File-Based Policy imported into the policy folder by an authorized user, or to never load file-based policy.

The File-Based Policy Settings.
The File-Based Policy Settings.

The following controls are available:

  • Load all policy files from policy folder - When selected, any file located within the policy folder will be loaded.
  • Load policy files imported by one of the following accounts - When selected, only users within the Permitted Accounts can import File-Based Policy into the policy folder using the dtcmd tool. See Importing below.
  • Do not load policy from disk - When selected, policy files will not be imported from the policy folder. This option is only used when defined within a GPO.

Importing

When Load policy files imported by one of the following accounts has been enabled, only users within the Permitted Accounts can import File-Based Policy into the policy folder using the dtcmd tool.

Permitted users can import file-based policy using the following command:

dtcmd IMPORT /add:<filepath>

Permitted users can remove file-based policy using the following command:

dtcmd IMPORT /remove:<filepath>

Permitted users can remove all file-based policy using the following command:

dtcmd IMPORT /clear

For more information on deviceTRUST policy see Policy Loading