By default, when you apply a ControlPoint policy to users, all users included in the User Selection will be included in the policy. ControlPoint Application Administrators can, however, exclude specified users from all ControlPoint policies by entering one or more user names (in the format domain\user) in the Value field of the ControlPoint Configuration Setting Users to Exclude from All ControlPoint Policies. Enter multiple names as a comma-separated list.
For example, you may want to exclude from all policies:
·the ControlPoint Service Account, to allow administrators to perform actions such as Delete Site and Copy/Move actions in ControlPoint. (Remember, ControlPoint actions are actually carried out by the ControlPoint Service Account rather than the logged in user).
·all accounts operating as the System Account (sharepoint\system), which may include, but not be limited to, the ControlPoint Service Account.
·farm administrators.
NOTE: You must exclude users based on full account names (sometimes known as pre-Windows 2000account names in Active Directory), not display names. For example, you cannot exclude system accounts by entering the display name System Account.
Users specified in this setting will always be excluded from all policies, including any policies to which they have been explicitly added.
© 2025 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center
