Back
1 | Admin Console (Item Level Targenting): Why would I want to bypass Internal (pre-defined) Item Level Targeting? |
Starting in build 603, you have the ability to bypass Internal Item Level Targeting. You might want to do this for several reasons:
For a video expressing how to bypass Internal ILT, see:https://www.policypak.com/videos/bypassing-internal-item-level-targeting-filters.html Permalink : click here | |
2 | Chrome: How to Configure Chrome HomePage using Application Manager |
The “Home Page” in Chrome can mean one of two things:
See in the figure below how to configure Chrome for those two scenarios. Note that one way will set what happens when the “Home Button” is pressed. And the other way will specify what happens at launch. You need to set BOTH “Open a specific page or set of pages” and specify at least one “Set Pages” URL for this to work. Permalink : click here | |
3 | Chrome: How do I manage certificates with Google Chrome? |
Chrome uses the underlying certificates that Internet Explorer does. As such we didn't opt to put the functionality in the Chrome Pak. Said another way, use the IE + Certs features, you’re ALSO setting Chrome at the same time. Here’s the howto video in using the IE + Certs features (again, which should also set Chrome too): https://www.policypak.com/video/policypak-manage-ie-certificates.html Permalink : click here | |
4 | Chrome Policies don’t appear to work when using PolicyPak Cloud. |
Chrome's POLICIES are supported only when machines are domain joined. If your machine is NON-domain joined when used with PPCloud .. which is a typical case, We are working on a workaround in the future, but at this time, there is no workaround unless the machine is domain joined. Permalink : click here | |
5 | Chrome: How do I manage the Proxy settings for Google Chrome? |
Google Chrome uses the same settings as the system. Permalink : click here | |
6 | Chrome: How do I block Local File access to Google Chrome with PolicyPak? |
Use the PolicyPak Pak for Chrome. Then in the Extras, specify a URL to block as follows: file:///c:/ Result: Permalink : click here | |
7 | Chrome: Why do I have extra tabs appear when I open Chrome on an endpoint? |
Be sure to find the Set Pages are and un-check “Always reapply this setting” in the remaining tabs. PolicyPak is delivering “blank” when the “Always reapply this setting” is present upon items. So right-click and uncheck each unwanted page as seen here. Permalink : click here | |
8 | Chrome: Why Homepage button URL is not working for Google Chrome? |
Let’s assume Show Home Button is set and URL is configured to be shown when pressing the home button. But it did not work even if its sets that way. The home page type can either be set to a URL you specify or set to the New Tab Page. If you select the New Tab Page, then this policy does not take effect. For Home Button URL to work, check and uncheck Use New Tab Page as homepage setting like shown in below screenshot: Permalink : click here | |
9 | Firefox: How do I troubleshoot adding Certificates with PolicyPak and Firefox? |
There are various areas you should troubleshoot FIRST with FF and Certificates. Shortest possible answer to 99% of problems with FF + Certificates:
![]() ![]()
Permalink : click here | |
10 | Firefox: How can I deliver Certificates to “Certificate Authority” store and select “websites”, “mail users” and “software makers”? |
When using PolicyPak, you can deliver Certificates to various Firefox stores. If you deliver a certificate to the ROOT store, then the following checkboxes are always pre-checked upon delivery by PolicyPak. However, if you deliver a certificate to the CERTIFICATE AUTHORITY (CA) store, then NONE of these checkboxes are checked for you. The standard syntax to deliver a cert to the CA store using PolicyPak would be: \\CA-DC1\Data\FF.cer,ca,add But, as stated, this does not check the three checkboxes for selecting:
\\Server\Share\FF.cer,1,C;C;C,addHere is the explanation: Syntax: Server & Share, Cert, Number of Days to check.. then... [websites-trust];[mail-users-trust];[software-makers-trust] Where websites-trust, mail-users-trust and software-makers-trust can be null or one of the following letters: p prohibited (explicitly distrusted) P Trusted c Valid CA T Trusted CA to issue client certificates (implies c) C Trusted CA to issue server certificates (SSL only) (implies c) u Certificate can be used for authentication or signing w Send warning (use with other attributes to include a warning when the certificate is used in that context) Some examples: C;C;C - Root CAs for websites, mail users and software makes C;;C - Root CA for websites and software makers. Note, this specifically does NOT specify a flag for “mail users.” C;; - Root CA for websites only ;;c - CA for software makers only P;; - a trusted certificate for websites Permalink : click here | |
11 | Firefox: How can I prevent both automatic AND manual updates for Firefox? |
If you use the Firefox Pak for PolicyPak, and perform the steps as follows:
Then the result is that Firefox FORBIDS both automatic updated AND manual updates as well as seen here: Permalink : click here | |
12 | Firefox: How can I use PolicyPak to revert Firefox’s Options back to the “Old Style” ? |
Here's a video on how to do that Firefox 28 and PolicyPak -- Deliver and lockdown settings, and also switch back to old UI for OptionsHi. This is Sal from PolicyPak technical support. In this video, I’m going to show you different settings, new settings which are now available in Mozilla Firefox 38 version and how you can deliver those settings using our current existing Mozilla Firefox Pak. I have that entry in my GPO, so I will open the “Properties.” The new setting which I’m talking about is now made part of the “Content” tab. Here you can see “DRM content” is available and “In-content Preferences” is also available. That “In-content Preferences” setting has actually been available in about:config for a while, and we just make it as a part of our regular Pak as well. So we will try to deliver these settings. First, let’s go into the “General” tab and change the “Home Page.” We are using it under our computer side, so we can also lock it down, and that’s what I’m going to do. So right click and select “Lockdown this setting using the system-wide config file.” If we go to the “Content” tab, let’s uncheck “Play DRM content” and also “Lockdown this setting using the system-wide config file.” “In-content Preferences” by default Mozilla Firefox 38 is going to show us Options in a tab format, but let’s do that as false. So now we are going to get that in our old window. So we are going to get the options in a window format. That’s about it, so I will click “OK.” Our settings are in place. I will go into my target machine. Before checking our settings, let’s see what version I’m using. I’m using a 38 version. If we go into the “Options,” you’re going to see that it opened in a tab format. That’s what we are going to avoid. We are going to get these options in a window format, and also we are going to see a “Home Page.” If we go into the “Content,” we are going to see that unchecked. I will close Firefox and run “GP Update” against my computer side. We will wait for that to be finished. Once it’s done, we will launch “Mozilla Firefox” again. Let’s go to the “Options.” You can see that now it opened Options in a window format. If we go to the “General” tab, you see that “Home Page” is delivered. In “Content,” “Play DRM content” option is unchecked and we can also see that it is not editable. I hope it helps. Thank you. Permalink : click here | |
13 | Firefox: How do I use the NTLM passthru (URIS) settings in the Firefox / about:config Paks? |
The Firefox core Pak (Mozilla Firefox 23.0 and later) Pak has three very commonly used settings from the extra about:config paks. That being said, they are often used incorrectly. The goal of these settings is to allow NTLM authentication to passthru to specified websites. We cannot direct you on WHICH setting to use WHEN. That’s up to you and your application vendor guidelines.
For use within PolicyPak Application Manager, the use is simple. So, below you can see some examples of how you could use this. We suggest BEFORE you use PolicyPak to DELIVER these settings to first test your configuration on ONE MACHINE (locally on Firefox) And see if you get the RESULT you want. Then, if you do, then use PolicyPak Application Manager to actually deliver the values you want to all your machines that you wish to get these values. ![]() Permalink : click here | |
14 | Firefox: What versions of the PolicyPak CSE support managing certificates in what versions of Firefox? |
Here is a table to help you understand what is supported.
Note that Firefox versions past versions on this table are simply not yet tested and might or might not work.
Permalink : click here | |
15 | Firefox: Can I enable / disable add-ons for Firefox? |
Yes. Here is a videos to demonstrate that. https://www.policypak.com/video/policypak-manage-firefox-add-ons-using-group-policy.htmlPermalink : click here | |
16 | Firefox: Can I deliver, manage and/or revoke certificates directly to Firefox? |
Yes. Here is a videos to demonstrate that. https://www.policypak.com/video/policypak-manage-firefox-certificates.htmlPermalink : click here | |
17 | Can I use Security.enterprise_roots.enabled as an alternate method for FF + Certificates? |
Yes. You can use PolicyPak to deliver Security.enterprise_roots.enabled. But there are some downsides...
Security.enterprise_roots.enabled
Way #1: Inside the main Firefox Pak itself
![]() ![]() Permalink : click here | |
18 | Firefox (and Java and Thunderbird): Why can’t I seem to find (or perform) UI lockdown for Firefox, Java or Thunderbird ? |
FireFox, Thunderbird and Java pre-configured Paks all support user-interface lockout. However, that UI lockout is implemented differently and, as such, comes with a caveat.
Specifically, to perform UI lockout of FireFox, Thunderbird and Java, the GPO must be linked such that the computer is affected. Said another way, you cannot perform UI lockdown on FireFox, Thunderbird or Java “per-user” (when users are in OUs.) You can only perform FireFox, Thunderbird or Java lockdown when affecting computers (when computers are in OUs.) In the picture below, you’ll see an example of how to create and link a GPO against computers (instead of users) can be seen. In this example we’ve assumed you’ve put your target computers into the “East Sales Desktops” folder (or similar.) Then when you edit the GPO, edit it on the Computer side as seen here. At that point you can modify settings for FireFox, Thunderbird and Java and specify to “Lockdown this setting using the system-wide config file.” System-Wide lockdown using config files is only available on the Computer side. As explained, the “Lockdown this setting using the system-wide config file” doesn’t appear on the user-side. If you try to edit these three Paks on the user side, you simply won’t see option to perform UI lockdown. An example of editing one of these Paks on the user side (and therefore not seeing the System-Wide lockdown) is shown in this figure. Note that the lockdown via System-Wide config file is not present on the user side. Permalink : click here | |
19 | Firefox: Is PolicyPak compatible with the Frontmotion packaged MSI version of Firefox? |
Yes, PolicyPak is compatible with the Frontmotion packaged MSI version of Firefox. Permalink : click here | |
20 | Firefox: Is PolicyPak compatible with Firefox when installed to non-standard (and portable) locations? |
PolicyPak Application Manager will APPLY settings AND keep them re-applying when Firefox launches .. no matter where Firefox is installed or run from... provided that Firefox stores its settings in Appdata. If Firefox is writing to a location OTHER than AppData, then PolicyPak may not be able to find the Firefox profile and then write to that location. Meanwhile, PolicyPak Application Manager has extra magic for Firefox, like UI Lockdown and enhanced support like Certificates and Bookmarks which ONLY works when Firefox is PROPERLY installed to Program Files.. and not anywhere else. Therefore the most common cases and scenarios are:
Permalink : click here | |
21 | Firefox: Is PolicyPak compatible with Firefox ESR? |
Yes, PolicyPak Application Manager and PolicyPak Browser Router work perfectly with Firefox and Firefox ESR. Permalink : click here | |
22 | Firefox: How do I set “Allow Now”, “Allow and Remember” or “Block Plugin” as plug-ins are requested? |
If you have this dialog in Firefox, you can use PolicyPak to specify Allow or Block Plugin. If the plug in you want to allow is Java, you can add one line to the PERMISSIONS section in the PolicyPak Application Settings Manager Firefox Pak.
Note: You might also need to add these lines as well, if adding the one line above doesn’t work. It depends on the version of Firefox you have installed. Older versions require these lines:
However, if the plug in you wantis another plug-in and not Java, then you need to learn the plug in name in the database. So, start out on your own machine and use Firefox to specify the ALLOW AND REMEMBER permission or BLOCK PLUGIN permission as seen here. Once this is done, you need to figure out what plug-in was just affected. The way to do this would be to use a tool called SQLLite Browser found here: www.sqlitebrowser.org Open the table / file moz_perms (on FF 42 and newer) or moz_hosts (on FF 41 and older) which will be in the Discover the name of the plug-in you just approved like what’s seen in this example. In this example, it’s still plugin:java. But in your case, it could be something else. Now that you know that, you can use PolicyPak Application Settings Manager and the Firefox Pak to set this permission to Allow or Block. Permalink : click here | |
23 | Firefox: How do I stop the “Firefox automatically sends some data to Mozilla so that we can improve your experience” message? |
PolicyPak Application Manager can remove the message “Firefox automatically sends some data to Mozilla so that we can improve your experience” as seen below.
Permalink : click here | |
24 | Firefox: How can I fix Dark Theme / Firefox 56 when using PolicyPak ? |
Cause:
It seems the Firefox set the following settings in Permalink : click here | |
25 | Firefox: Why doesn’t the Firefox Applications Handler function work as expected? |
Managing Firefox with PolicyPak enables you to dictate what external applications will open outside of Firefox. For instance opening up Adobe Reader instead of the internal reader, and so on. Here are some nuances of Firefox Application Handlers. 1. Some handlers are hard-coded. So, they are always shown in the UI, even if they are scheduled to be removed due to "REPLACE" mode. Here is the list of hard-coded handlers: For example, if you set PPAM FF Pak handler setting to the following value: However the actual list which user gets is list of 5 handlers (Podcast, PDF, Video, Web, and ZIP) because some are always hardcoded. 2. Firefox prefers opening content internally to firing external programs whenever possible (e.g., to open those file types he is able to handle internally). Content that can be handled internally includes images, texts, HTML and XML code, and content with some special meaning in Web (CSS, JS, etc.). The actual decision is made based on so-called MIME type, and not on file extension. In case of HTTP/HTTP surfing, Firefox usually uses MIME type returned in "Content-Type" response header: If MIME type is "text/plain", "text/html", "text/css", "image/jpeg", or any other special type file is opened internally. Even if "Content-Type" header is not set in web response, Firefox uses some sophisticated algorithm to guess MIME from actual content, and opens resource of special types internally. For this reason, even though it is possible to add handlers for .JPG, .HTML, .HTM, .TXT, etc, and they appear in UI, Firefox will keep opening resources of such types internally. The general rule of thumb here is the following: when there is no handler for the given type and Firefox normally shows "Open with dialog" for this type, it fires Application Handler for the same type when there is a handler: 3. The actual behavior during Web surfing depends on MIME type for resource returned by Web-server. Even though you can have handler for PDF (application/pdf), or ZIP (application/x-zip-compressed), or whatever, it might not work for resources returned with non-standard MIME type. If returned MIME types is generic type for binary resources (application/octet stream), or some type with no special meaning for Firefox (see #2), Firefox fires handler to open file like this: Otherwise file will be opened internally. Permalink : click here | |
26 | Firefox: Why don’t I see Bookmarks and Pop-Ups settings set when user has NEVER run Firefox before? |
You might see that the first time a user has ever logged on to a machine, the Firefox settings are not delivered as expected. Or that some settings are present, yet others are not. Some settings are stored in Firefox databases; and those databases aren’t created until Firefox is run the first time. So, PolicyPak is delivering the settings, but then they are going no-where because those databases don’t exist until Firefox is run first time. On the other hand, many other settings are stored in Firefox configuration files. For simpler items, those files do exist (anytime Firefox is installed) and we are place some items in there, and have them appear, even at first use. Which is why you can see seeing mixed results: Some settings appear a-ok first time, others not until Firefox is run two times. Permalink : click here | |
27 | HowTo: What do I do if I find a problem with a preconfigured Pak? |
While you are welcome to contact PolicyPak support concerning any issues with our preconfigured Paks, we can recommend some steps to perform before doing that. We encourage customers to take an active role if a Preconfigured Pak appears to have some issue in the definition. This is why we provide the PolicyPak DesignStudio to customers – to make and update settings for their own Paks, or update our preconfigured Paks. That being said, if you identify a pre-configured Pak issue, here is our step-by-step recommendation:
If that doesn’t work:
If you don’t want try to fix a Pak definition yourself, we (PolicyPak Software tech support) will try to analyze and remediate and Pak issue if possible, knowing that it might take some time (or might not be possible at all.) The more you can isolate the problem using the troubleshooting procedures outlined in the PolicyPak manuals, the better we can serve you. The preconfigured Paks are examples we (PolicyPak Software) provide the community for free. Our company is based around a community model where we all help each other. You will find that the PolicyPak user community is a true asset. Permalink : click here | |
28 | HowTo: One of my Pak entry’s settings is not getting delivered on target machines. What should be the first thing to look into? |
The most common reason for items not applying is that the Internal Item Level Targeting within a Pak doesn’t match / evaluate to TRUE on your target machine. Permalink : click here | |
29 | HowTo: Which "side" of GPO should I deploy Paks to: User or Computer side? |
There is no right or wrong answer here. In our Quickstart and manual, we suggest you perform the work on the USER side. This means that whenever users log on to any machines (so, as users roam), they get the settings. That being said, you’re welcome to deliver settings on the COMPUTER side. This means that ALL USERS on the computer will get the settings… regardless of who the user is. So, our general recommendation (if you’re looking for one) is:
For more information on this, see the following FAQ item. https://www.policypak.com/knowledge-base/preconfigured-paks/why-cant-i-seem-to-find-or-perform-ui-lockdown-for-firefox-java-or-thunderbird.htmlPermalink : click here | |
30 | Internet Explorer: I’m trying to use IE 11’s Enterprise Mode, but it doesn’t appear to be working? |
Here are the troubleshooting steps:
Permalink : click here | |
31 | Internet Explorer: Can I enable / disable add-ons for Internet Explorer? |
Yes. Here is a videos to demonstrate that. https://www.policypak.com/video/policypak-manage-ie-programs-tab.htmlPermalink : click here | |
32 | Internet Explorer: Can I deliver, manage and/or revoke certificates directly to Internet Explorer? |
Yes, Here is a videos to demonstrate that. https://www.policypak.com/video/policypak-manage-ie-certificates.htmlPermalink : click here | |
33 | Internet Explorer: How do I deploy custom settings to zones? |
On the page that looks like this, simply change the settings inside the CUSTOM SETTINGS frame. However, DO NOT set the dropdown to custom. That is, but leave the "Security Level for Trusted Sites" dropdown (for instance) set to nothing. This formula will deliver the specific custom settings you choose. Permalink : click here | |
34 | Internet Explorer: When should I use Compatibility mode vs. Enterprise Mode for IE 11? |
Both modes are actually additive and not exclusive. For details, please see these Microsoft articles. http://blogs.msdn.com/b/cjacks/archive/2014/08/11/ie11-enterprise-mode-and-compatibility-view-are-additive-not-exclusive.aspx Permalink : click here | |
35 | Internet Explorer: Why don’t HTTP sites get added to the Trusted Site list? |
IE itself wont allow HTTP sites unless you loosen the security in IE. Use PolicyPak to do it for you. On the Security tab, ensure “Trusted: Require server verification https:” and “Intranet: Require server verification https” are both UNDERLINED and UN-Checked. This will deliver “un-check” to these settings, allowing for HTTP zones. Permalink : click here | |
36 | Internet Explorer: Why does IE fail to launch after I apply ACL lockdown or all of the IE Pak STIG settings? |
There are some settings, which when you use ACL lockdown, will prevent IE from launching. Under the hood, the keys that are edited are in Permalink : click here | |
37 | Why doesn’t Site to Zone list assignment work with the syntax I provided? |
The definitive guide to Site to Zone assignment syntax can be found at: http://evilgpo.blogspot.com/2016/03/internet-explorer-site-to-zone.html The typical problems are:
Valid entries
Invalid entries
Permalink : click here | |
38 | Internet Explorer: Why Internet Explorer is not launching after I apply “Perform ACL Lockdown”? |
If you select ACL Lockdown from the IE option you may experience that the iexplorer.exe process closes itself, thus failing IE with successful launch. That’s because, currently we have limitation with that feature support in IE. So uncheck the option “Perform ACL Lockdown” by right-clicking on the PolicyPak elements: Example 1: Example 2: Permalink : click here | |
39 | Java: Using the Pre-configured Pak for Java, how do I prevent “Java has discovered application components that could indicate a security concern.” Pop up? |
If you get the following pop-up: the pre-configured Java Pak can adjust for that. However, know that we are not magically “increasing” your security here, simply delivering the value that forces Java to stop the pop up. The setting located in our pre-configured Paks for Java is: More information from Oracle on the underlying issue can be found at this web page: http://java.com/en/download/help/error_mixedcode.xml Permalink : click here | |
40 | Java: How to disable prompt “Your Java version is out of date.”? |
If you are running an older version of Java JRE and you visited the java enabled application, it will give an annoying prompt as illustrated in below screenshot. With PolicyPak’s Pre-configured PAK for Java, you can disable that prompt by un-checking this option “Prevent Users from “JRE out of date” warning pop-up”. You want it un-checked and underlined.Permalink : click here | |
41 | Java: How to disable prompt “You Java version is insecure”? |
Visiting a website with Java enabled application you may see the warning as showing in screenshot. Solution:Select option “Enable – hide warning and run with protection” under “Sandbox vs. Trusted Security verification”. The setting placement may vary depending on the version of Java Pak you are using. Permalink : click here | |
42 | Java: How to disable Java prompt “Do you want to run this application?” |
Visiting a site with Java enabled content you may see this prompt, confirming if you want to run the JRE code located on that location. Solution:Setting up these couple of settings will get away this prompt. First add the location in the trusted sites in exception list. Then set the “Enable – hide warning and run with protection” under “Sandbox vs. Trusted Security verification”. Permalink : click here | |
43 | Java: How to disable User Account Control prompt for Java Auto Updater? |
Users might see prompts whenever Java tries to update automatically. Solution:Check/Un-check option “Check for Updates Automatically” under Updates tab. This option may vary in different versions of Java pre-configured PAKs. Permalink : click here | |
44 | Java: How to disable Task tray notification balloon events? |
In most cases when you are using an older version of Java you may see the Java icon in the system tray. Solution:To get rid of the icon which may interrupt the user with subsequent prompts, set following option in pre-configuring PAK for Java. Check/Un-check “Check for Updates Automatically”. Permalink : click here | |
45 | Java: I don’t see that any changes are working at all. What can I try first? |
Solution: Every pre-configured Pak comes with its own internal filters and in most cases those are targeting to a specific version of Application. For instance, if you're using a specific Pak for Java, it might be trying to apply only to the detected version on that machine. So if we have a different version on the target machine that doesn’t mean there is no way we can see the changes. We can still get PolicyPak to deliver the setting by disabling the internal item-level targeting. To see a demonstration video about Internal Filters and bypassing them, please see this video Permalink : click here | |
46 | Java: Java Site List Exceptions just stopped working. What can I do to fix this? |
Sometimes Java will create an errant file which prevents Java Site Exceptions list from working as expected. Permalink : click here | |
47 | Other: What is “Internal (pre-Defined)” Item Level Targeting? |
Many (not all) of our Paks have Internal Item Level Targeting (aka pre-defined filters.) The goal is to only apply settings from a Pak WHEN the actual application is really on the machine. You can see if a Pak HAS pre-defined filters in several ways. Way 1: Check the readme file for the Pak. We do a pretty good job documenting if a Pak has Internal Filters. For instance, in the Techsmith Snag it 11 Pak's Readme file, you'll see a note which says: Internal Item Level Targeting set as follows: When %ProgramFiles%\TechSmith\Snagit 11\SnagitEditor.exe FILE VERSION is between 11.0.0.0 and 99.0.0.0 OR the file %ProgramFiles(x86)%\TechSmith\Snagit 11\SnagitEditor.exe FILE VERSION is between 11.0.0.0 and 99.0.0.0. (Tip: If you want to understand WHY some Internal Filters are set to 99, see another FAQ in this section.) Way 2: Use the DesignStudio to open up a Pak and look. You can see an example of where Internal Item Level Targeting is within the DesignStudio in this example: Way 3: When you use MMC 603 or later, and make a Pak entry into a GPO, you'll see the column labeled "Predefined Targeting." If it says On or Off, then the Pak itself has Pre-defined Targeting. If the Column shows N/A, the Pak doesn't. You can see two entries without Internal ILT, and one entry that does in this example: Permalink : click here | |
48 | Other: Is “Internal Item-Level Targeting” on by default? |
Internal Item-Level Targeting is “On” by default since 557. Permalink : click here | |
49 | Other: I added a Pak and some items are grayed out / not available. In other Paks, everything seems available. What’s happening? |
Features that are grayed out in any PAK means that the setting isn’t available to be delivered via PolicyPak. For some applications, everything works, for others, not everything is manageable. Permalink : click here | |
50 | Paks: Why are there some areas of the pre-configured Paks greyed out or not accessable? |
PolicyPak’s pre-configured Paks can manage a lot of settings, but not all settings in every application. For instance, in this Pak (Microsoft Word 2010) you can see some areas which are not configurable. Sometimes, you might encounter a button which doesn’t open another Window or have any function. In these cases PolicyPak cannot manage these settings. We try to document these in the Readme file which accompanies all pre-configured Paks. That being said, sometimes we overlook settings which we might be able to get ! So if you see something which is a “must have” for you, just ask, and we can try to double-check it to see if it’s possible to achieve. Please post in the SUPPORT FORUMS for this kind of request. Thanks.Permalink : click here | |
51 | Paks: Why do some Paks have pre-defined Item Level Targeting for an EXACT version number, and others say “Version 7 to 99” (or similar)? |
We create a test a Pak to a specific product version. But we want the latest version we release to work for whatever comes next from the manufacturer. Let's use Techsmith Snagit as an example. As of this writing, there are two paks for Snagit: 10 and 11. The Pak for Snag it 10 has its Internal ILT set so it only delivers settings WHEN specifically version 10 of SnagIt is on the machine. The Internal ILT is set as follows: When %ProgramFiles%\TechSmith\Snagit 10\SnagitEditor.exe FILE VERSION is between 10.0.0.0 and 11.0.0.0. OR the file %ProgramFiles(x86)%\TechSmith\Snagit 10\SnagitEditor.exe FILE VERSION is between 10.0.0.0 and 11.0.0.0. But the Snag it 11 Pak has its Internal ILT set so it delivers when version 11 and up to 99 is on the machine. Its internal ILT is set as follows: When %ProgramFiles%\TechSmith\Snagit 11\SnagitEditor.exe FILE VERSION is between 11.0.0.0 and 99.0.0.0 OR the file %ProgramFiles(x86)%\TechSmith\Snagit 11\SnagitEditor.exe FILE VERSION is between 11.0.0.0 and 99.0.0.0. Let's assume Techsmith Snagit 12 comes out, and users install it, or it otherwise appears on machines. It's VERY LIKELY that the Pak we already created for SnagIt 11 will mostly work for the next version, version 12. Then, when version 12 comes out, we test our Version 11 Pak with Version 12 of the application and we do one of two things:
Now when SnagIt 13, 14, etc comes out, the version 12 Pak will most likely keep working with it. This same idea extends, say to Firefox which gets updated quite often in VERSION number, but usually no new checkboxes or features appear in the Firefox Options. In this way, newer versions of Firefox will “just work” when using our latest Firefox Pak. Permalink : click here | |
52 | Paks: What is the official support policy for the pre-configured Paks? |
Many people use PolicyPak with the pre-configured Paks, and are very happy. Occasionally, a Pak has some definition problem, meaning a checkbox or a dropdown doesn’t function as expected, or doesn’t function at all. Even though we here at PolicyPak pre-create many, many Paks for your use, we cannot guarantee that that every dropdown, checkbox, and radio button in a Pak will work as expected. While creating the Paks, we do our best to verify each element, then try to document in the Pak’s “Readme” file anything that we know will not be accessible in a Pak. Our Paks are examples for you to use. Therefore, we don’t officially support the Paks themselves. We support the engine which delivers the Paks. Again, the Paks themselves are not officially supported. Those are “examples” for you to use, and we provide “best effort” support on those if a problem is found. (See the FAQ question “What do I do if I find a problem with a preconfigured Pak?” for more information.) Permalink : click here | |
53 | Paks: How will I know that an existing Pak will work with the version of the application I have today (and tomorrow)? |
It is a fact of the software business that new application versions are constantly being released. Most of the time however, a Pak that worked in an application “yesterday” will continue to work “today” and “tomorrow.” For instance, our FireFox Pak works with all versions of the popular web browser whether it be version 3 or 17 or whatever’s next. Rarely will a pre-configured Pak completely stop working when a vendor updates their application. But it does happen. Most of the time one of the following scenarios applies:
As a PolicyPak customer, you get more than just a powerful software engine that allows you to manage and lock down applications for your users. You get the Design Studio that allows you to update and create Paks yourself. You also get access to our powerful user based community, providing you a knowledge base and peer group to turn to ask questions and request advice, and of course, you have access to our committed support staff.
Permalink : click here | |
54 | Paks: How often do the Paks for specific apps get updated? |
Remember, Paks themselves are not officially supported, but we do our best to update them as needed. We typically update Java and Firefox and Internet Explorer right away as needed though.
Most of the time, Paks dont need any updates at all, even if the application's version number changes (See our Next FAQ).
Other times, a Pak does need to be updated or fully re-made depending on the app (rare).
In those cases, they are done upon customer request and are a "best effort" basis by our team.
Remember though: PolicyPak Application Manager comes with the PolicyPak DesignStudio, which means you are always able to create and/or update the Paks without waiting for us if you so choose. Permalink : click here |