Removing offline audit and shadowing rules
To facilitate deployment of DeviceLock policies using Group Policy or DeviceLock Service settings files (.dls), DeviceLock provides the ability to block the inheritance of higher-level offline audit and shadowing rules and enforce regular audit and shadowing rules on specific lower-level groups of client computers. To enforce regular audit and shadowing rules, offline audit and shadowing rules must be removed.
To remove offline audit and shadowing rules
1. If using DeviceLock Service Settings Editor, do the following:
a) Open DeviceLock Service Settings Editor.
b) In the console tree, expand DeviceLock Service.
If using DeviceLock Group Policy Manager, do the following:
a) Open Group Policy Object Editor.
b) In the console tree, expand Computer Configuration, and then expand DeviceLock.
2. Expand Protocols.
3. Under Protocols, select Auditing, Shadowing & Alerts.
When you select Auditing, Shadowing & Alerts in the console tree, in the details pane you can view protocols for which you can define audit, shadowing rules and alerts. In the details pane you can also view the current state of offline rules for each protocol in the Offline column.
4. In the details pane, right-click the protocol for which you want to remove offline audit and shadowing rules, and then click Remove Offline.
You can remove audit and shadowing rules defined for several protocols at the same time. To do this, do the following:
a) In the details pane, select several protocols by holding down the SHIFT key or the CTRL key while clicking them.
b) Right-click the selection, and then click Remove Offline.
The offline state of the audit and shadowing rules changes to “Use Regular.”
The “Use Regular” state of DeviceLock Service settings is displayed as “Not Configured” in DeviceLock Management Console.