Creating a compliance rule on all the objects of a group


The following example illustrates how to create a rule that checks a certain condition on all the users under Microsoft Windows Local users.

  1. In the Component Template, add a part that is one of the group members (it does not matter which one since it will be changed). In this example, select one of the Local users:
    compliance4.jpg
  2. After the part is added to the component template (and compliance option is checked), create a new compliance rule with the following loop condition:
    compliance5.jpg
  3. Add the group object part to the condition:
    compliance6.jpg
  4. Manually edit the condition and change the part object, as shown below:
    compliance7.jpg
  5. Add a loop body to the condition by clicking the green plus sign. The left pane displays a list of all the attributes associated with the object in the loop (in this example, all of the available attributes for the Windows user):
    compliance8.jpg
  6. Click the green check mark icon and save the rule.
  7. When testing the rule, the results appear as in the following example:
    compliance9.jpg
  8. (Optional) Count the instances that comply with the loop body and set the condition as compliant or not-compliant according to the count results.
    compliance10.jpg
  9. (Optional) Check whether at least one object is compliant with the loop body, to make the whole rule compliant.
    compliance11.jpg

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*