Setting up remediation for a predefined Host Integrity requirement

If the Host Integrity check on a client shows that a requirement failed, you can configure the policy to restore the necessary files. The client restores files by downloading, installing, or running the required applications to meet the requirement. The client computer can then pass the Host Integrity check.
You set up remediation in the same dialog box in which you add a predefined requirement. You specify both the path from which the client downloads the remediation files and how the remediation process is implemented.
You can also enable users to have some control over when they remediate their computers. For example, a restart may cause users to lose their work, so users may want to delay remediation until the end of the day.
After the download, installation, or execution of a command to restore a requirement, the client always retests the requirement. Also, the client logs the results as
pass
or
fail
.
  1. To set up remediation for a predefined Host Integrity requirement
  2. In the console, open a Host Integrity policy, and add a predefined requirement. See:
  3. In the
    Add Requirement
    dialog box, click
    Install the <requirement type> if it has not been installed on the client
    .
  4. Click
    Download the installation package
    .
  5. In the
    Download URL
    text box, type the URL from where the installation file gets downloaded to the client computer. See:
  6. In the
    Execute the command
    text box, do one of the following tasks:
    • If you want the client user to run the installation, leave the text box blank.
    • If you want the installation to run automatically, type
      %F%
      .
      The
      %F%
      variable represents the last downloaded file. You can use any command that can be run from
      Start
      >
      Run
      . For example, to install a patch for Vista, type the command
      %Systemroot%\system32\wusa.exe /quiet /norestart %F%
      .
  7. Optionally set the options to delay or cancel remediation, and then click
    OK
    . See:
  8. Click
    OK
    .