Policies

On this page, you can assign policies for pre-existing user groups that you can set up in Parallels My Account. Each user group is a sublicense of your main Parallels Desktop Enterprise Edition license with a unique key. Read this chapter to learn more.

To create user groups and populate them with users, please refer to this page. If you plan on using Single Sign-On for license activation, refer additionally to this page.

To create a new policy, click on the Add button in the top left corner of the page.

Presently, policies only define what users from your organization can do with their Parallels Desktop setups and not their virtual machines. The four available settings are:

• Limit users to corporate virtual machines only. This policy prevents users from setting up new virtual machines from sources other than your organization’s Golden Images, as well as importing or cloning pre-existing ones. You may want to enact this policy to prevent members of your organization from setting up virtual machines for their own extracurricular activities;

• Limit the number of corporate virtual machines per user to one. This setting prevents users from installing any more virtual machines from the approved sources (i.e., your organization’s Golden Images). Note: If you select this option alone, without the previous option, users will still be able to add new virtual machines using third-party sources, such as the default images available through Parallels Desktop;

• Do not allow removing corporate virtual machines;

• Do not allow upgrading to the next major Parallels Desktop version. This setting will still allow users to update their Parallels Desktop installations to a minor version (e.g., 20.0 to 20.1) but will prevent them from upgrading to a major version (e.g., from 20.x to 21.x) when it becomes available. Enabling this setting will allow you to first ensure that a major new version suits your needs before proceeding with a fleet-wide upgrade. Note: This setting will have no effect if your organization is running a local update server, or your update policies are managed via an MDM solution.

• Do not allow editing Parallels Desktop preferences. This setting prevents users from changing the preferences for their Parallels Desktop setups. To learn more about the settings that can be changed in the Parallels Desktop Preferences panel, read this section of the Parallels Desktop's user guide.

• Do not allow running virtual machines without this company's Parallels license. This setting prevents users from transferring and launching their virtual machines (as well as Golden Images) to Parallels Desktop installations that don't have your organization's Enterprise license. Read more on virtual machine encryption here. Note: The initial application of this setting to existing Parallels Desktop installations already running corporate virtual machines will trigger a re-encryption procedure that will temporarily render those virtual machines unavailable for use. The users will receive a clear message when attempting to launch such virtual machines. Encrypting virtual machines using a command-line interface will become unavailable. Read more here.

When adding a new policy, provide the following information:

1. Name. Use a unique descriptive name in case the number of policies increases in the future;

2. Description;

3. Policy applies to. This setting allows you to add and remove the groups (as defined by secondary license keys) that the policy applies to. If you don't divide your Parallels users into groups, or have users assigned to the primary license key, you may assign a policy to the primary license key. To add a group, use the drop-down menu as indicated in the image above. To remove one already added, click on the (X) symbol next to the one already listed. Note: You may choose to apply a specific policy to the users whose copies of Parallels Desktop are activated with the primary license key. These settings will not affect any users who are on secondary license keys or have been included in one of the SSO user groups;

4. Set the restrictions as described above;

5. Click Save.

The default view of the main Policies screen shows you the list of all the policies under your management, citing their names as provided during the setup process, their descriptions, and the list of groups they apply to. Right-clicking on a policy from the list allows you to edit or delete it.

If a policy is marked as "not applied", it either means that no groups were selected during the creation, or the group(s) it initially applied to was (were) deleted.