The Primary Query must be created before any additional Queries are created. To create the Primary Query, right-click the test name, and select “New”, and choose an appropriate name (“Primary Query” is a good default). The Query Form editor will then become active, and the Query can be created as previously described under the “Queries” chapter.

There are certain rules that the Primary Query must obey in its construction:

• The first table must be “Device”. Compliance tests are run against a single Device, which will be the first table entry. A selection clause will automatically be added to select the Device being tested by one of its primary keys.

• The columns selected must include all the columns that will be referenced in the compliance test rules.

• You may want to supply appropriate Selection criteria. For example, if you intend to test a specific Access List’s rules, you must add a selection criteria that selects only the desired Access List.

• It is possible to use a Primary Query that joins attributes between multiple Devices, provided the Device being tested is listed as the first table in the join list.

• The Primary Query must not have a selection clause for the Device to be tested; instead such a selection is implicitly added when Network Configuration Manager executes the test as a result of revision processing or a user requested auditing.

• The compliance engine will add additional columns to the Query (e.g. keys of the objects in the result set) to facilitate the identification and generating of remedies. You should recognize that remedy actions will only be generated against the Device being tested.