Figure – Lenovo ThinkPad T41p User Manual
Page 20
The
access
control
policy
defines
the
restrictions
that
are
in
place
for
a
particular
profile.
Access
control
policies
can
be
defined
per
profile
and
can
have
the
following
values:
a.
Deny
all
changes
/
Deny
Deletion
:
Users
cannot
perform
operations
such
as
modify,
copy,
or
delete
on
the
profile.
b.
Deny
network
setting
changes
/
Deny
deletion
:
In
this
case
the
network
settings
in
the
profile
cannot
be
modified,
deleted
or
copied.
The
non-modifiable
parameters
are
TCP/IP
settings,
Advanced
TCP/IP
settings,
and
wireless
settings.
The
profile
cannot
be
deleted.
c.
Deny
all
changes
/Allow
deletion
:
Users
can
not
modify
or
copy
the
profile;
however,
users
can
delete
the
profile.
d.
Allow
all
changes
/
Allow
deletion
:
Users
can
modify,
copy
and
delete
the
profile.
Limitation:
The
above
control
policies
can
be
applied
to
local
users
with
Administrator
level
privileges.
If
the
local
users
are
configured
as
Limited
Users,
stricter
restrictions
are
imparted
by
the
operating
system.
Limited
Users
can
only
create
dial-up
connection-type
profiles
and
can
not
modify
or
copy
or
delete
profiles
created
by
the
administrator.
A
global
setting
in
Access
Connections
enables
Limited
Users
to
switch
between
profiles
created
by
the
administrator.
4.
When
the
Allow
silent
import
of
this
package
even
after
installation
of
client
checkbox
is
marked,
the
IT
administrator
can
export
to
any
client
computer
*.LOA
files
silently
regardless
of
the
privileges
of
the
user
who
is
actually
logged
on
to
the
client
computer.
Later
packages
(consisting
of
*.LOA
and
*.SIG
Figure
4.
Create
Distribution
Package
window
14
IBM
Access
Connections
Deployment
Guide
Version
3.3.0