1. Open the ZTAG-Policy-Builder.ps1 script using PowerShell ISE.

  2. Click the Green Arrow to run the ZTAG Policy Builder script.

  3. Click OK on the Welcome Message.

  4. Enter the path to the configuration file that should be used and Enter

  5. Enter the credentials to authenticate to the LoadMaster or ECS Connection Manager.

  6. Select Create New Virtual Service

  7. Choose whether to perform a backup before making any updates on the LoadMaster/ ECS Connection Manager.

  8. If enable TLS was set to “Y” in the configuration file, and no parameters were provided to add a new certificate, a prompt to select an existing certificate is provided.

  9. Steering Group Use Case Only – A prompt is presented to select an existing SSO domain to use to pre-authenticate users.

  10. Trusted/Untrusted Zone Use Case Only – Select the SSO domain to use for known networks within the environment.

  11. Trusted/UnTrusted Zone Use Case Only – Select the SSO domain to use for all other networks that do not exist in the environment.

  12. The script steps will be presented as the configuration takes place.

  13. 13. A confirmation that the script ran successfully will be presented at completion.