Microsoft Windows environment

The security policy is defined by string entries in policy tables in the Windows Registry. The site Policy key is always required. It defines the basic security policy for this component. Modifications, if needed, can be defined by optional component policy keys.

The security policy is determined by the role the application is playing: client or server. Therefore, the policy tables might contain two communications keys, server and client, under site and under each other component entry.

NOTE: BMC does not recommend editing the Windows registry unless you have experience working with the registry and you back up the registry before proceeding.

The Policy Tables are at the following Registry locations:

• Control-M/Server and Control-M/Agent:[HKEY_LOCAL_MACHINE\SOFTWARE\BMC Software\CONTROL-M\{Control-M/Agent|Control-M/Server}\SecurityPolicy\{site|NS|CA|CO|AG|RU}\{client|server|common|keystore}

  You can update the site section in the registry to affect all communications or update a specific hive to control a specific connection. Values that are specified in the other sections override the values specified in the site Registry key, for the relevant SSL connections. Sample Policy Tables for Microsoft Windows are listed under Control-M/Server registry.

• Control-M/EM: HKEY_LOCAL_MACHINE\SOFTWARE\BMC Software\CONTROL-M\CONTROL-M/Enterprise Manager\9.0.X\Default\SecurityPolicy\{site|GTW|CMSG|EM}\{client|server|common}

  Sample Policy Tables for Microsoft Windows are listed under Control-M/Enterprise Manager registry.

You can update the site section in the registry to affect all communications or update a specific hive to control a specific connection. Values that are specified in the GTW and CMSG sections override the values specified in the site Registry key, for the relevant SSL connections.

NOTE: The EM Registry contains an EM key for internal encryption purposes. Do not change this key.