Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Remediating Infranet Controller Host Checker Policies

    You can specify general remediation actions that you want Host Checker to take if an endpoint does not meet the requirements of a policy. For example, you can display a remediation page to the user that contains specific instructions and links to resources to help the user bring their endpoint into compliance with Host Checker policy requirements.

    You can also choose to include a message to users (called a reason string) that is returned by Host Checker or an integrity measurement verifier (IMV) that explains why the client machine does not meet the Host Checker policy requirements.

    General Host Checker Remediation User Experience

    Users may see the remediation page in the following situations:

    • Before the user signs in:
      • If you enable custom instructions or reason strings for a policy that fails, the Infranet Controller displays the remediation page to the user. The user has two choices:
        • Take the appropriate actions to make his computer conform to the policy and then click the Try Again button on the remediation page. Host Checker checks the user’s computer again for compliance with the policy.
        • Leave his computer in its current state and click the Continue button to sign in to the Infranet Controller. He cannot access the realm, role, or resource that requires compliance with the failed policy.

          Note: If you do not configure the Infranet Controller with at least one realm that allows access without enforcing a Host Checker policy, the user must bring his computer into compliance before signing into the Infranet Controller.

      • If you do not enable custom instructions or reason strings for a policy that fails, Host Checker does not display the remediation page to the user. Instead, a message appears telling the user that no additional information has been provided and to contact the system administrator. The Infranet Controller does not assign the user a role that allows access to protected resources.
    • After the user signs in:
      • (Odyssey Access Client only) During a session, if a user’s computer becomes noncompliant with the requirements of a Host Checker policy, a pop-up message appears briefly in the system tray that informs the user of the noncompliance. The user can display the remediation page by right-clicking the Odyssey Access Client icon in the system tray, choosing Odyssey Access Client Manager from the context menu, and then clicking the How do I resolve this problem link in the status section of the Odyssey Access Client window.
      • (Agentless—Windows, Macintosh, Linux and Solaris) During a session, if a user’s agentless computer becomes noncompliant with the requirements of a Host Checker policy, the Infranet Controller displays the remediation page to inform the user of the noncompliance. On Windows agentless computers, Host Checker displays a bubble and tray icon if the endpoint becomes noncompliant. The user must click the bubble or tray icon to open a browser window that contains the remediation instructions. On Macintosh, Linux, or Solaris agentless computers, Host Checker automatically opens a browser window that contains the remediation instructions as soon as the endpoint is noncompliant.

    Published: 2012-11-28