User Justification Required to Run

This policy type requires a user to provide a justification for why they need to run an application before elevating with administrator privileges. User Justification refers to the policy action. Since Conditions and Actions are independent, this action can be applied to any condition. In this use case, we will simply apply this action to a specific application.

  1. Using the Policy Wizard, create a controlling policy that elevates application execution on endpoints.

  2. Select Require Justification, and click Next Step.

  3. Select what file type to target, for this example select Executable, and click Next Step.

  4. Choose your target, for this example File Upload.

  5. Click Choose File and select a file to upload.

  6. Click Upload File.

  7. On the Manage Application page select all the identifying factors you want the filter to target.

    manage app

  8. Click Create Filter.

  9. Click Next Step.

  10. Name your policy and add a description, click Create Policy.

    policy

  11. Set the Inactive switch to Active.

The user will see a justification message as a result of the policy. When the user adds a reason, they will then click the Continue button and the application is allowed to execute.

You can then view a user's provided reasons in Verify Privilege Manager under Reports | Application Justification Summary Details Report.