The policies window displays each policy on the KeyServer, as well as a summary of current configuration and usage.
Policies are defined by administrators, in order to configure what happens with usage of programs within a product. A policy can have an action of Log, Deny, or Control. For a Control Policy, it can impose usage limits and access restrictions on a product (which is comprised of a program or group of programs). Most importantly, a policy can enforce a purchased number of entitlements. However, policies can also restrict who uses products, when, and for how long.
A default policy (KeyVerify Policy) is created at installation. All other items in this window are defined and maintained strictly through KeyConfigure. Unlike the Computers, Programs, and Connected Clients Windows, items are never automatically added to the Policies window, regardless of user activity.
In many cases, a product will be controlled by a single policy. Conversely, this policy will control only that one product. However, a product can be controlled by multiple policies, and similarly, a policy can control multiple products. The most common reason to have two policies for a single product is to Control the product for computers within a certain scope while ignoring, Logging, or Denying it on other computers. For more about Scope, see the Policy Details Window documentation.
In short, a policy can be thought of as a particular set of access and usage rules being applied to one or more items in the Products Window. When a user attempts to run a program which is part of a product, each policy which controls the product is used to determine whether the program launch will succeed.
The columns in the Policies Window give you a simple overview of all policies. They show the most basic configuration options, as well as a summary of the current usage. Additional columns can be added to the Policies window by right-clicking a column header and selecting “Customize Columns”. Of the default columns, only Name applies to all Policies with all Actions. The rest are only used for Control Policies.
One way to create a new policy is to drag a product from the Products Window into the Policies Window. You can also right-click in the Policies Window and select Create New Policy, in which case you can associate a Product with the Policy after it has been created. Alternatively, if you have entered information for the purchase of the product before adding a Policy to manage the policy, you can use the purchase record to create a new Policy according to the Rights & Conditions defined in the purchase record.
Most policy parameters are modified from the Policy Details Window (double click on a particular policy) but some drag actions are also supported.
Right-clicking on a Policy in the Policies window allows you to Reconcile or Edit Permissions. Additionally, you will see a list of reports that can be run on that policy.
Right-clicking anywhere else in the policies window allows you to create a New Policy....
Policies in the Policies Window can be Dragged and Dropped into the policies list in the Policies pane of a product details window. This sets the product so that it is controlled by the policy.