Creating a compliance rule on all the objects of a group
The following example illustrates how to create a rule that checks a certain condition on all the users under Microsoft Windows Local users.
- In the Component Template, add a part that is one of the group members (it does not matter which one since it will be changed). In this example, select one of the Local users:
- After the part is added to the component template (and compliance option is checked), create a new compliance rule with the following loop condition:
- Add the group object part to the condition:
- Manually edit the condition and change the part object, as shown below:
- Add a loop body to the condition by clicking the green plus sign. The left pane displays a list of all the attributes associated with the object in the loop (in this example, all of the available attributes for the Windows user):
- Click the green check mark icon and save the rule.
- When testing the rule, the results appear as in the following example:
- (Optional) Count the instances that comply with the loop body and set the condition as compliant or not-compliant according to the count results.
- (Optional) Check whether at least one object is compliant with the loop body, to make the whole rule compliant.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*