Product Documentation

録画ポリシーの作成とアクティブ化

May 28, 2016

Use the Session Recording Policy Console to create and activate policies that determine which sessions are recorded.

You can activate system policies available when Session Recording is installed or create and activate your own custom policies. Session Recording system policies apply a single rule to all users, published applications, and servers. Custom policies specifying which users, published applications, and servers are recorded.

The active policy determines which sessions are recorded. Only one policy is active at a time.

Use system policies

Session Recording provides these system policies:

  • Do not record. If you choose this policy, no sessions are recorded. This is the default policy; if you do not specify another policy, no sessions are recorded.
  • Record everyone with notification. If you choose this policy, all sessions are recorded. A pop-up window appears notifying the user that recording is occurring.
  • Record everyone without notification. If you choose this policy, all sessions are recorded. A pop-up window does not appear notifying the user that recording is occurring.

System policies cannot be modified or deleted.

To activate a policy

  1. Log on to the server where the Session Recording Policy Console is installed.
  2. Start the Session Recording Policy Console.
  3. If you are prompted by a Connect to Session Recording Server pop-up window, ensure that the name of the Session Recording Server, protocol, and port are correct. Click OK.
  4. In the Session Recording Policy Console, expand Recording Policies.
  5. Select the policy you want to make the active policy.
  6. From the menu bar, choose Action > Activate Policy.

Create custom recording policies

When you create your own policy, you make rules to specify which users and groups, published applications, and servers have their sessions recorded. A wizard within the Session Recording Policy Console helps you create rules. To obtain the list of published applications and servers, you must have the site administrator read permission. Configure that on this site's Delivery Controller.

For each rule you create, you specify a recording action and a rule criteria. The recording action applies to sessions that meet the rule criteria.

For each rule, choose one recording action:

  • Do not record. (Choose Disable session recording within the rules wizard.) This recording action specifies that sessions that meet the rule criteria are not recorded.
  • Record with notification. (Choose Enable session recording with notification within the rules wizard.) This recording action specifies that sessions that meet the rule criteria are recorded. A pop-up window appears notifying the user that recording is occurring.
  • Record without notification. (Choose Enable session recording without notification within the rules wizard.) This recording action specifies that sessions that meet the rule criteria are recorded. Users are unaware that they are being recorded.

For each rule, choose at least one of the following to create the rule criteria:

  • Users or Groups. You create a list of users or groups to which the recording action of the rule applies.
  • Published Applications. You create a list of published applications to which the recording action of the rule applies. Within the rules wizard, choose the XenApp site or sites on which the applications are available.
  • Applications Servers. You create a list of Server OS machines to which the recording action of the rule applies. Within the rules wizard, choose the XenApp site or sites where the servers reside.

When you create more than one rule in a recording policy, some sessions may match the criteria for more than one rule. In these cases, the rule with the highest priority is applied to the session.

The recording action of a rule determines its priority:

  • Rules with the Do not record action have the highest priority
  • Rules with the Record with notification action have the next highest priority
  • Rules with the Record without notification action have the lowest priority

Some sessions may not meet any rule criteria in a recording policy. For these sessions, the recording action of the policies fallback rule applies. The recording action of the fallback rule is always Do not record. The fallback rule cannot be modified or deleted.

Using Active Directory Groups

Session Recording allows you to use Active Directory groups when creating policies. Using Active Directory groups instead of individual users simplifies creation and management of rules and policies. For example, if users in your company’s finance department are contained in an Active Directory group named Finance, you can create a rule that applies to all members of this group by selecting the Finance group within the rules wizard when creating the rule.

White Listing Users

You can create Session Recording policies that ensure that the sessions of some users in your organization are never recorded. This is called white listing these users. White listing is useful for users who handle privacy-related information or when your organization does not want to record the sessions of a certain class of employees.

For example, if all managers in your company are members of an Active Directory group named Executive, you can ensure that these users’ sessions are never recorded by creating a rule that disables session recording for the Executive group. While the policy containing this rule is active, no sessions of members of the Executive group are recorded. The sessions of other members of your organization are sessions recorded based on other rules in the active policy.

Create a new policy

Note: When using the rules wizard, you may be prompted to “click on underlined value to edit” when no underlined value appears. Underlined values appear only when applicable. If no underline values appear, ignore the step.
  1. Log on to the server where Session Recording Policy Console is installed.
  2. Start the Session Recording Policy Console.
  3. If you are prompted by a Connect to Session Recording Server pop-up window, ensure that the name of the Session Recording Server, protocol, and port are correct. Click OK.
  4. In the Session Recording Policy Console, select Recording Policies.
  5. From the menu bar, choose Action > Add New Policy. A policy called New Policy appears in the left pane.
  6. Select the new policy and choose Action > Rename from the menu bar.
  7. Type a name for the policy you are about to create and press Enter or click anywhere outside the new name.
  8. With the policy selected, choose Action > Add New Rule from the menu bar to launch the rules wizard.
  9. Follow the instructions to create the rules for this policy.

Modify a policy

  1. Log on to the server where the Session Recording Policy Console is installed.
  2. Start the Session Recording Policy Console.
  3. If you are prompted by a Connect to Session Recording Server pop-up window, ensure that the name of the Session Recording Server, protocol, and port are correct. Click OK.
  4. In the Session Recording Policy Console, expand Recording Policies.
  5. Select the policy you want to modify. The rules for the policy appear in the right pane.
  6. Add a new rule, modify a rule, or delete a rule:
    • From the menu bar, choose Action > Add New Rule. If the policy is active, a pop-up window appears requesting confirmation of the action. Use the rules wizard to create a new rule.
    • Select the rule you want to modify, right-click, and choose Properties. Use the rules wizard to modify the rule.
    • Select the rule you want to delete, right-click, and choose Delete Rule.

Delete a policy

Note: You cannot delete a system policy or a policy that is active.
  1. Log on to the server where the Session Recording Policy Console is installed.
  2. Start the Session Recording Policy Console.
  3. If you are prompted by a Connect to Session Recording Server pop-up window, ensure that the name of the Session Recording Server, protocol, and port are correct. Click OK.
  4. In the Session Recording Policy Console, expand Recording Policies.
  5. In the left pane, select the policy you want to delete. If the policy is active, you must activate another policy.
  6. From the menu bar, choose Action > Delete Policy.
  7. Select Yes to confirm the action.

Understanding rollover behavior

When you activate a policy, the previously active policy remains in effect until the user’s session ends; however, in some cases, the new policy takes effect when the file rolls over. Files roll over when they have reached the maximum size limit. For information on maximum file sizes for recordings, see Specify file size for recordings.

The following table details what happens when you apply a new policy while a session is being recorded and a rollover occurs:

If the previous policy was: And the new policy is: After a rollover the policy will be:
Do not record Any other policy No change. The new policy takes effect only when the user logs on to a new session.
Record without notification Do not record Recording stops.
Record with notification Recording continues and a notification message appears.
Record with notification Do not record Recording stops.
Record without notification Recording continues. No message appears the next time a user logs on.