17.39 setsecpolicy.vbs (applying a security policy to the offline-managed computer and collecting device information)
Functionality
This command applies a security policy to the offline-managed computer and collects device information.
The following are the pre-requisitions for this command:
-
The services on the agent are already started.
-
The agent version is 11-51 or later.
-
The process of collecting device information is not already running.
-
The End User Form view is closed.
-
The command is stored in a folder on a local drive.
-
The length of the full path name to the folder where the command is stored is 128 characters or less.
This command must be executed directly on an offline computer, using external storage media.
Format
setsecpolicy.vbs[ /silent][ /u][ /s]
Arguments
- /silent
-
Prevents displaying the view from an end-user's computer.
- /u
-
Prevents displaying the End User Form view from the end-user's computers. When /silent is specified, the End User Form view is not displayed on the end-user's computer regardless of whether /u is specified.
- /s
-
Does not collect the installed software details set in the Software Search Conditions view in the Settings module.
Storage location
Same storage location as the tool for applying policy offline (where the tool is extracted to).
Notes
-
This command cannot be simultaneously executed by multiple users.
-
This command cannot be executed simultaneously with the command to collect information of the offline-managed computer.
-
In the following cases, you need to re-create the tool for applying policy offline, and then re-execute this command to apply the security policy and collect the device information. For details about the conditions where the command must be re-executed, see A.11 Conditions where the tools must be re-executed on an offline-managed computer.
-
If the anti-virus product that is judged by the security policy is changed
-
If the configuration of the additional management fields are modified
-
If the content of the security policy is modified#
#: Except for Operations Logs, Common settings for prohibited operations and operation logs, Collect List of USB Device Files, and Action Items.
-
Return values
The following table shows the return values of the setsecpolicy.vbs command.
Return value |
Description |
---|---|
0 |
The command finished normally. |
10001 |
The process of applying the security policy has been canceled on the end-user's computer. |
10011 |
The format for specifying the command arguments is invalid. |
10031 |
An information collecting process using the Information Collection Tool is already being executed. |
10032 |
A temporary error occurred. |
10033 |
An information collecting process is in progress in the background. |
10034 |
The End User Form view is displayed. |
10035 |
The security policy application command is already being executed. |
10051 |
The process was aborted due to the path to the storage folder being too long. |
10052 |
The security policy application command is not installed on the local disk. |
10101 |
Failed to apply the security policy. |
10102 |
You do not have read/write permissions to the folder in which this command is stored. |
10103 |
An agent is not installed on the computer. |
10104 |
The version of the agent installed on the computer does not support applying the security policy to the offline-managed computer. |
10105 |
The tool for applying policy offline might be corrupted. |
10106 |
The agent environment is corrupted. |
Example
The following example shows use of this command to apply the security policy and collect information without displaying the End User Form view on the end-user's computer.
setsecpolicy.vbs /u