Child Site Management Policies

Child site management policies let Parent Site Administrators enforce specific site settings across some or all child sites. When a setting is included in a policy, child site administrators cannot change it; the value set in the policy applies and is locked. This means that new child sites automatically inherit the behaviors controlled by the policy. Settings not included in the policy remain under the control of each child site's administrators.

The only type of policy that can be created is a settings policy. A parent site can have at most 1 settings policy.

When to Use Settings Policies

Use settings policies when your organization has requirements that child site administrators must not be able to override. This is typically for security, compliance, or data governance reasons. Common examples include:

• Disabling insecure protocols: If your compliance program prohibits unencrypted FTP, add the Plain/unencrypted FTP Support setting to your policy and disable it. Child site administrators cannot re-enable it.
• Enforcing two-factor authentication: If all users across your organization must use 2FA, enforce that setting from the parent site so child site administrators cannot relax it for their site.
• Standardizing retention settings: If your data governance program requires a specific retention period, set it in the policy to prevent child sites from diverging from that requirement.

Creating a Settings Policy

To create a settings policy, provide a Name for the policy. You can also provide a Description to add notes for reference.

You must define the scope of affected child sites. A settings policy either applies to all child sites, or to all child sites except a list you specify.

Add any settings you want to enforce to the policy. Each setting you add requires a value, and the value must be valid for that setting. Any settings you do not add to the policy remain editable within each child site. The full list of settings that can be managed by a policy is available in the developer documentation.

When you save the policy, the settings take effect immediately for all applicable child sites. When a new child site is created, it automatically inherits the settings from the policy.

Settings values are saved within the policy itself. If you later change a setting on the parent site, the policy value does not update automatically — you must edit the policy directly to change what is enforced on child sites.

Child site settings policies never restrict or change the settings of the parent site.