This article describes the differences between the Policy Loopback settings: "Replay Machine Settings", "Ignore User" and "No Loopback".
Known to apply to the following Sophos product(s) and version(s)
SafeGuard Management Center / Local Policy Editor
All supported Operating Systems
You will find the Police Loopback settings under:
Policy Items | General Settings | Loading of settings | Policy loopback
Replay Machine Settings
If you select “Replay Machine Settings” in the field Policy Loopback, of a policy of the type General Settings, and the policy affects a computer (“Replay Machine Settings” does not affect user policies), this policy is replayed at the end of the analysis.
This action then overrides any user settings and the machine settings apply. All machine settings inherited directly or indirectly by the machine (including policies which have not been applied by the “Replay Machine Settings” policy loopback) are written back.
If you select “Ignore User” in the field Policy Loopback, in a policy of the type General Settings, and the policy affects a machine, then only the machine's settings are analyzed. User settings are not analyzed.
No Loopback describes the standard behavior. User policies take priority over computer policies.
Analyzing the settings “Ignore User” and “Replay Machine Settings”
- If there are active policy assignments, the machine policies are analyzed and consolidated first. If, with the Policy Loopback option, this amalgamation of individual policies results in the value 'Ignore User', the policies that would have been fixed for the user will not be analyzed. This means that the same policies apply both for the user and for the machine.
- If, after merging the individual machine policies, the value with the Policy Loopback attribute is 'Replay machine settings', the user policies are merged with the machine policies. After the merge, the machine policies are rewritten and, where appropriate, override settings from the user policies. If a setting is present in both policies, the machine policy value overrides the user policy value.
- If the consolidation of the individual machine policies results in the standard value (No Policy Loopback), user settings take priority over machine settings.