Overview
Configure deployment packages that install Code42 apps on your users' devices according to your specifications. Integrate your apps with SSO, for example, and install silently, without user intervention. This article describes each element of the Deployment Policies interface.
Considerations
These instructions apply to administrators deploying Code42 apps version 6.5 or later with on-premises authority servers version 6.5 or later. If you are using older servers or clients, select the appropriate instructions from Manage app installations in your Code42 environment.
To use these deployment tools, you need to sign in to your Code42 console as a user with one of these roles:
Deployment policies
To view and manage deployment policies:
- Sign in to the Code42 console.
- Select Administration > Client Management > Deployment.
If your Code42 environment does not yet have any deployment policies, you see the option to Create New Deployment Policy. If your environment already has one or more policies, you see the Deployment Policies list.

Item |
Description |
a |
Create New Policy |
Open the interface for defining a new Code42 app deployment policy. |
b |
Policy name |
The name of the policy. Click to see policy details. |
c |
Created On |
The date the policy was created. |
d |
Created By |
The username of the administrator who created the policy. |
e |
Registration Org |
Code42 apps deployed with this policy register with this organization. Or, if LDAP scripting is configured, into the organization specified by the script.
The organization determines the authentication method and optional proxy address for the policy.
If you deactivate an organization, the associated policy will not work. The policy list displays an alert to say so.
|
f |
Edit Policy |
Allows you to view and change details of the policy.
|
g |
Delete Policy |
Removes the policy from your Code42 environment. Code42 apps deployed to use that policy, but not yet run and installed, will fail to install.
|
Policy details
In the Deployment Policies list, click a policy name to see details about the policy.

Item |
Description |
a |
Policy name |
The name of the policy. |
b |
Edit Policy |
Change details of the policy.
|
c |
Registration Org |
Code42 apps deployed with this policy register with this organization. Or, if LDAP scripting is configured, into the organization specified by the script.
The organization determines the authentication method and optional proxy address for the policy.
Version 8.2.5 and later: If your custom script specifies a value for C42_ORG_REG_KEY , only users not covered by the script register to this organization.
|
d |
Authentication |
The method the registration organization uses to validate the usernames and passwords entered by users in the Code42 app.
- LDAP (<provider name>): Usernames and passwords are defined in LDAP provider data.
- Local: Username and passwords are defined in the Code42 console
- SSO (<provider name>): Usernames and passwords are defined in SSO provider data.
|
e |
Auto Register Users |
- No: Users must manually sign in to the Code42 app to start security monitoring and backup. You have two options:
- Advise users to self-register by clicking Sign up in the Code42 app.
- Create user accounts and provide the credentials to users.
- Yes: The username is determined by the deployment policy's detection script. The Code42 app authenticates with SSO. Security monitoring and backup begins automatically, provided the destination is set to auto-start.
|
f |
Windows Script
Mac Script
Linux Script
|
Defines how the Code42 app detects the username and user home directory. In version 8.2.5 later, the detection script can also optionally specify the organization. Scripts differ by operating systems.
- Use default script: The Code42 app uses a script supplied by Code42 that is suitable for typical Windows and Mac devices.
- Use a custom bash/batch script: The Code42 app uses a script supplied by the administrator who creates the policy.
See Deployment script and command reference for more details.
|
g |
Use Org Proxy URL to connect?
|
|
h |
Launch desktop app after install? |
- Yes: After installation on a Windows or Mac device, the Code42 app opens for the user to see and use. Not applicable on Linux.
- No: The Code42 app does not show until the user manually opens the app.
|
i |
Last Modified |
The date the policy was last saved. |
j |
Created On
Created By
|
The date the policy was created.
The username of the administrator who created the policy.
|
k |
Installation properties |
These strings provide arguments for a command that installs a Code42 app. Use them in your device management tool or installation scripts. See Deployment script and command reference for more details.
|
l |
Generate new token |
Give the policy a new identifier string.
- Generate a new token if you suspect unauthorized use of the deployment policy.
- Any Code42 apps previously deployed with the policy, and not yet installed, will fail to install. You will need to install them with the new, active, deployment token.
|
Create or edit deployment policy
Version 8.2.5 and later
In the Deployment Policy view, select Create New Policy or Edit Policy.

Item |
Description |
a |
Policy Name |
Enter a name to describe and identify this policy. |
b |
The deployment policy determines the user's organization |
Determines the user's organization. If your custom script specifies a value for C42_ORG_REG_KEY (see item g below), only users not covered by the script register to this organization.
Users register according to the authentication method and directory services configured for their organization.
If an organization already has another deployment policy, it is dimmed in the dropdown and cannot be selected. Choose a different organization, or edit the existing policy for that organization.
|
c |
Authentication Method |
The Code42 app uses the authentication method defined for the user's organization.
- LDAP (<provider name>): Usernames and passwords are defined in LDAP provider data.
- Local: Username and passwords are defined in the Code42 console.
- SSO (<provider name>): Usernames and passwords are defined in SSO provider data.
|
d |
Do you want to automatically register users? |
- No: Users must manually sign in to the Code42 app to start security monitoring and backup. You have two options:
- Advise users to self-register by clicking Sign up in the Code42 app interface.
- Create user accounts and provide the credentials to users.
- Yes: The username is determined by the deployment policy's detection script. The Code42 app authenticates with SSO. Security monitoring and backup begins automatically, provided the destination is set to auto-start.
|
e |
Which operating systems should use this policy when installing the client? |
Determines which operating systems use this policy during Code42 app deployment.
|
f |
Use default script |
The Code42 app uses a detection script supplied by Code42 that is suitable for typical Windows and Mac devices. Linux devices cannot use the default script; a custom script is required.
|
g |
Add a custom bash script for detecting username, user home, and organization |
Uses your custom script to define how the username, user home directory, and the user's organization are determined.
All custom scripts must end by writing the C42_USERNAME and C42_USER_HOME variables to standard output (see below). C42_ORG_REG_KEY can also be included to define the organization, but this is optional. If C42_ORG_REG_KEY is not present, the Code42 app uses the default organization selected for this deployment policy.
echo C42_USERNAME=<value>
echo C42_USER_HOME=<value>
echo C42_ORG_REG_KEY=<value>
Require users to manually enter their usernames
The main purpose of selecting operating systems in this section is to generate the appropriate scripts to automatically detect the username during Code42 app installation.
To require users to manually enter their usernames, do not select any operating systems. By leaving all operating systems blank, a deployment policy is still created, but there is no user detection script. As a result, users must enter their usernames to complete the installation process on their device. The server address is still automatically populated for users by the deployment policy.
|
h |
Do your clients need a proxy URL? |
|
i |
Launch desktop app after initial install? |
- Yes: After installation on a Windows or Mac device, the Code42 app opens for the user to see and use. Not applicable on Linux.
- No: The Code42 app does not show until the user manually opens it.
|
Versions 6.5 - 7.x
In the Deployment Policy view, select Create New Policy or Edit Policy.

Item |
Description |
a |
Policy Name |
Enter a name to describe and identify this policy. |
b |
How should new users register? |
Select an organization.
The configuration of the organization determines how new Code42 apps register with their Code42 environment, create accounts, and start backups.
A greyed out name is for an organization that already has a policy. For that organization, edit the existing policy.
|
c |
Authentication Method |
Newly deployed Code42 apps use the authentication method defined for their organization.
- LDAP (<provider name>): Usernames and passwords are defined in LDAP provider data.
- Local: Username and passwords are defined in the Code42 Code42 console.
- SSO (<provider name>): Usernames and passwords are defined in SSO provider data.
|
d |
Do you want to automatically register users? |
- No: Users must manually sign in to the Code42 app before back up starts. You have two options:
- Advise users to self-register by clicking Sign up in the Code42 app interface.
- Create user accounts on your authority server and provide the credentials to users.
- Yes: The deployment's detection script (items f and g, below) acquires the username from the operating system. The Code42 app authenticates with LDAP or SSO. Backups begin automatically, provided the destination is set to auto-start.
|
e |
Which operating systems should use this policy when installing the client? |
Select which operating system you deploy Code42 apps to.
Select how Code42 apps will detect their username and home directory.
Require users to manually enter their usernames
The main purpose of selecting operating systems in this section is to generate the appropriate scripts to automatically detect the username during Code42 app installation.
To require users to manually enter their usernames, do not select any operating systems. By leaving all operating systems blank, a deployment policy is still created, but there is no user detection script. As a result, users must enter their usernames to complete the installation process on their device. The server address is still automatically populated for users by the deployment policy.
|
f |
Use default script |
The Code42 app uses a detection script supplied by Code42 that is suitable for typical Windows and Mac devices. |
g |
Add a custom script |
The Code42 app uses a detection script supplied by the administrator who creates the policy. Custom scripts must end by writing two variables to standard output:
echo C42_USERNAME=<value>
echo C42_USER_HOME=<value>
For Linux, a custom script is the only option.
See Deployment script and command reference for more details
|
h |
Do your clients need a proxy URL? |
|
i |
Launch desktop app after initial install? |
- Yes: After installation on a Windows or Mac device, the Code42 app opens for the user to see and use. Not applicable on Linux.
- No: The Code42 app does not show until the user manually opens it.
|
Policy saved
When you save a newly defined or edited policy, the Policy Saved dialog appears.

Item |
Description |
a |
Installation properties |
Use these strings as arguments to a command that installs a Code42 app.
Click to copy and download the properties now, or access them later from the policy details view.
|
b |
Done |
Close the dialog and return to the Deployment Policies list. |
Authentication mismatch

Mismatches occur when you:
- Define an organization to use LDAP or SSO authentication.
- Assign that organization a deployment policy with auto-registration.
- Edit the organization to use local authentication.
The policy becomes invalid because the organization can no longer support auto-registration.
The solution is to reconfigure the organization or edit the policy.