Undefining offline audit and shadowing rules
You can return previously defined offline audit and shadowing rules to the unconfigured state. If offline rules are undefined, regular rules are applied to offline client computers.
To undefine offline audit and shadowing rules
1. If using DeviceLock Management Console, do the following:
a) Open DeviceLock Management Console and connect it to the computer running DeviceLock Service.
b) In the console tree, expand DeviceLock Service.
If using DeviceLock Service Settings Editor, do the following:
a) Open DeviceLock Service Settings Editor.
b) In the console tree, expand DeviceLock Service.
If using DeviceLock Group Policy Manager, do the following:
a) Open Group Policy Object Editor.
b) In the console tree, expand Computer Configuration, and then expand DeviceLock.
2. Expand Protocols.
3. Under Protocols, select Auditing, Shadowing & Alerts.
When you select Auditing, Shadowing & Alerts in the console tree, in the details pane you can view protocols for which you can define audit, shadowing rules and alerts. In the details pane you can also view the current state of offline rules for each protocol in the Offline column.
4. In the details pane, right-click the protocol for which you want to undefine offline audit and shadowing rules, and then click Undefine Offline.
You can undefine audit and shadowing rules defined for several protocols at the same time. To do this, do the following:
a) In the details pane, select several protocols by holding down the SHIFT key or the CTRL key while clicking them.
b) Right-click the selection, and then click Undefine Offline.
The offline state of the audit and shadowing rules changes to “Not Configured.”