This policy item checks if the registry item or file content matches the content provided by normalizing the values to use common newline, escaping patterns, and stripping white space from the beginning and end of policy text.




description: ["description"]

value_type: POLICY_TEXT

value_data: ["banner content"]

reg_key: ["path to registry key"]

reg_item: ["registry item"]

is_substring: [YES|NO]


The following are descriptions of the keywords:

  • value_type: The value is POLICY_TEXT. If you define a check as POLICY_MULTI_TEXT, the evaluation will work, but NULL displays as the Remote value.
  • value_data: Defines the placement of the banner. New lines are represented by adding an "\n" where the new line should be placed.
  • reg_key and reg_item: The registry key and registry item are combined to identify where the registry banner is located. The most common location will be located at "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" key in the "LegalNoticeText" item.
  • is_substring: An optional flag that supports the possibility of location specific information being placed in a banner. If set to YES, the expected banner can be a substring of the file content, and not require a full match.

Note: The comparison that the check performs is not case sensitive.




description : "Logon banner is configured"

value_type : POLICY_TEXT

value_data : "** No Unauthorized Access **"

reg_key : "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System"

reg_item : "LegalNoticeText"