Tech Tip - CA Data Protection: Tracking Policy Changes

Discussion created by devan05 Employee on Jul 29, 2015
Latest reply on Aug 11, 2015 by devan05

CA Data Protection Tech Tip by Andrew Devine, Senior Support Engineer for 29 July 2015


CA Data Protection (DataMinder) includes functionality that allows administrators to track policy changes in their environment. 


This functionality is enabled on the CA Data Protection CMS server via the Administration Console. Once logged on to the Administration Console as an administrative user, on the left hand pane navigate to and expand the "Machine Administration" section.  Now right click on the CMS machine and select "Edit Policy".  When the Policy Editor screen appears, navigate to


Machine Policy\Central Management Server\Policy Editor Settings\Automatically export saved policy to file.



This setting specifies a file name to use when automatically exporting policy XML each time a machine policy or user policy is edited and saved in the Administration console. If you leave this setting blank (default), the policy changes will not be automatically exported when a policy is saved. If you do specify a name you need to set the full file path and name, but you can also incorporate the following variables:



%name% gives the policy name at this level.


%fullname% gives the full hierarchy policy name.


%version% gives the policy version number e.g., 7.


%fullversion% gives the full version number of this policy, e.g. 633.2.1.7


%date% gives the current date in local time for the policy editor machine (YYYYMMDD_ddhhss).


%utcdate% gives the current date in UTC (YYYYMMDD_ddhhss)


%type% gives the policy type, Machine or User.






This exports version 19 of user policy "srimmel" to:

c:\SavedPolicies\User as "policy_srimmel_20110719_160334_19.xml"



To ensure that direct users (those logged onto the CMS directly) and Remote Users (those users using the Admin Console on a client or Gateway) can export all changes to a single directory structure use an UNC share that all users can access.