Managing Offline Permissions for Protocols
For details on the Permissions feature for protocols, see
Managing Permissions for Protocols.
Offline permissions can have one of the following states:
•Not Configured - No permission settings are specified for the protocol.
•Configured - Different accounts are assigned different permissions for the protocol.
•Full Access - All accounts have full access to the protocol.
This state shows up, for example, when permissions are set only for the “Everyone” account so that it has full access to the protocol.
•No Access - No accounts have access to the protocol.
This state shows up, for example, when the “Everyone” account is explicitly denied any access to the protocol, or permissions are not set for any accounts. Note that the denial for the “Everyone” account overrides any permissions for other accounts.
•Use Regular - Inheritance of offline permissions is blocked and regular permissions are enforced. Offline DeviceLock Service settings can have this state only in DeviceLock Service Settings Editor or DeviceLock Group Policy Manager.
The enforcement of regular permissions is helpful when using Group Policy or DeviceLock Service settings files (.dls) to deploy DeviceLock policies throughout the network as this kind of enforcement can be used to prevent offline permissions inherited from a higher level from being applied to a specific group of client computers at a lower level.
Managing offline permissions involves the following tasks: