Each Compliance Action Rule contains one or more Remediation objects. A Remediation object runs a specified application or script to make the endpoint computer compliant. It can also send alert messages to users.
After a Remediation object is created, you can use the same object in many Action rules.
To create a new or change an existing Remediation object:
Option |
Description |
---|---|
Operations |
|
Run Custom File |
Run the specified program or script when an endpoint computer is not compliant. |
Download Path |
|
URL |
|
Parameters |
If the executable specified in the URL runs an installation process, make sure that the executable holds a parameter that specifies the directory where the program should be installed. If the executable does not hold such a parameter, enter one here. |
MD5 Checksum |
Click Calculate to generate a MD5 Checksum, a compact digital fingerprint for the installed application or the remediation files. |
Run as System |
Apply system rights for running the executable file. Not all processes can run with user rights. System rights may be required to repair registry problems and uninstall certain programs. |
Run as User |
Apply user rights and local environment variables for running the executable file. |
Messages |
|
Automatically execute operation without user notification |
Run the executable file without displaying a message on the endpoint computer. |
Execute operation only after user notification |
Run the executable file only after a user message opens and the user approves the remediation action. This occurs when Warn or Restrict is the selected action on a compliance check. |
Use same message for both Non-Compliant and Restricted messages |
Select that the same text be used for both messages. A Non-Compliant message tells the user that the computer is not complaint and shows details of how to become compliant. A Restricted message tells the user that the computer is not compliant, shows details of how to achieve compliance, and restricts computer use until compliance is achieved. |
Message Box |
Displays selected non-compliant and restricted messages. The message box is available only by selecting the Execute only after user notification setting. Click Add, Remove, or Edit to add a message, and remove or revise a selected message. Note: User cannot prevent the remediation application or file from running. |