With anything that could have as much impact on a client machine as anti-virus policy can, it's important to have some degree of change control. Whatever workflow or procedures your organization uses for changing control should be applied to the modification and deployment of SCEP policies. This recipe will focus on showing you how to verify that change control procedures are being utilized with the management of SCEP policies.
After completing this recipe, you will know how to check who created a policy, who the last person to modify the policy was, and where the policy has been deployed. Not to mention, verifying who has rights to modify and deploy the policy.
To complete this recipe, you will need to be using an account that has at least the SCEP administrator role granted to it.
Follow these steps:
- Log into your SCCM CAS server and launch the SCCM 2012 management console.
- Navigate to
Assets and Compliance|Overview|Endpoint Protection|Antimalware Policies. - Select a policy from the Antimalware Policies list and locate the File Properties section at the bottom of the User Interface. Refer to the following screenshot:
- Under File Properties, you'll be able to determine when the policy was created and who created it, as well as the last user to modify the policy in any way.
- To see the collections to which this policy has been deployed, switch to the Deployments tab, as shown in the following screenshot:
- To remove the policy from a collection to which it has been assigned, simply right-click on it in the Deployments tab and select Delete.
- To view which users or groups have rights to modify a policy, right-click on it in the Antimalware Policies list and select Properties. Select Security from the column on the left-hand side, as shown in the following screenshot:
- If you wish to change who has rights to modify policies, you will need to update the security roles they have been assigned in the Administration panel of the SCCM console.