Microsoft Group Policy provides excellent policy-based configuration management tools for Windows. Group Policy allows you to manage Unix resources in much the same way. Group Policy allows you to consolidate configuration management tasks by using the Group Policy functionality of Microsoft Windows Server to manage Unix operating systems and Unix application settings.
To open Group Policy, click Group Policy on the left navigation panel of the Authentication Services Control Center.
In order to achieve seamless integration with the Group Policy user interface, the Group Policy interface is written as a Microsoft Management Console (MMC) snap-in extension. It is specifically designed to transparently plug into the Group Policy Object Editor (GPOE) console. The policies necessary to provide Unix management from the GPOE are integrated into the existing GPOE policy namespace.
With Group Policy, administrators use the same familiar tools (the GPOE) to manage Unix group policies as they use to manage Windows group policies. Because Group Policy adheres to the same Group Policy association and application rules, administrators are able to quickly generate useful policies for management of Unix configuration settings without significant user interface training.
In order to deliver the expected Group Policy functionality for Unix, the Group Policy client-side components for Unix are designed to mirror the functionality of the Microsoft Group Policy client-side components for Windows. Specifically, Group Policy provides an extensible infrastructure for writing Unix client-side extensions (CSEs). The flexibility of Group Policy's client-side components allows Group Policy to offer a limitless resource for creating configuration management strategies.
Group Policy ships with several client-side extensions that provide the basis for managing many aspects of Unix operating systems and applications. Developers can extend Group Policy by adding CSEs. Administrators can use Administrative Template (ADM) files to add custom Unix policy settings.
Group Policy uses the same Group Policy object processing model that is used by the Windows winlogon service including scoping and filtering of Group Policy objects. Policy settings applied through Group Policy are "non-tattooing." The Group Policy agent also provides tools for calculating the Resultant Set of Policy (RSoP) before and after policy application.
Group Policy consists of both agent and server software. You install the agent software on Unix computers and use it to apply Group Policy settings. The server software extends existing Microsoft frameworks for managing Group Policy. After installing the Group Policy agent-side extensions, administrators interact mostly with the server-side extensions which enable Unix policy configuration.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback Conditions d’utilisation Confidentialité