Setting up remediation for a predefined Host Integrity requirement
If the Host Integrity check on a client shows that a requirement failed, you can configure the policy to restore the necessary files. The client restores files by downloading, installing, or running the required applications to meet the requirement. The client computer can then pass the Host Integrity check.
You set up remediation in the same dialog box in which you add a predefined requirement. You specify both the path from which the client downloads the remediation files and how the remediation process is implemented.
You can also enable users to have some control over when they remediate their computers. For example, a restart may cause users to lose their work, so users may want to delay remediation until the end of the day.
After the download, installation, or execution of a command to restore a requirement, the client always retests the requirement. Also, the client logs the results as
- To set up remediation for a predefined Host Integrity requirement
- In the console, open a Host Integrity policy, and add a predefined requirement. See:
- In theAdd Requirementdialog box, clickInstall the <requirement type> if it has not been installed on the client.
- ClickDownload the installation package.
- In theDownload URLtext box, type the URL from where the installation file gets downloaded to the client computer. See:
- In theExecute the commandtext box, do one of the following tasks:
- If you want the client user to run the installation, leave the text box blank.
- If you want the installation to run automatically, type%F%.The%F%variable represents the last downloaded file. You can use any command that can be run fromStart>Run. For example, to install a patch for Vista, type the command%Systemroot%\system32\wusa.exe /quiet /norestart %F%.
- Optionally set the options to delay or cancel remediation, and then clickOK. See: