The Privilege Manager Configuration policy manages the pm.settings file, which contains configuration options for One Identity Privilege Manager for Unix. The Group Policy agent applies the configuration to the pm.settings file.
Since the Group Policy agent is based on Active Directory and Kerberos, setting the Kerberos setting to "yes" causes the Group Policy agent to fully configure all other Kerberos settings automatically. For this reason, the additional Kerberos-related settings are not displayed in the Settings dialog.
For more information about the Privilege Manager configuration settings, see the One Identity Privilege Manager for Unix documentation.
To configure Privilege Manager configuration settings
-
In the Group Policy Object Editor, navigate to UNIX Settings > Quest Privilege Manager.
-
Double-click Privilege Manager Configuration.
The Privilege Manager Configuration Properties dialog opens.
-
Locate the setting you want to configure.
Browse the list or type the setting name (or part of the name) in the search box and click Search.
-
Enter the desired value for the setting.
It displays additional information related to the setting in a help box at the bottom of the dialog. The help box is re-sizable using the splitter bar between the settings list and the help text.
-
Click OK to save the settings and close the dialog.
The Group Policy Configuration policy manages the vgp.conf file so that you can centrally manage the configuration options of your Group Policy agents.
The Group Policy Configuration policy allows you to manage the options that control the Unix Group Policy agent. On Unix these options are stored in the /etc/opt/quest/vgp/vgp.conf file.
Group Policy Configuration policies support non-tattooing, block inheritance, ACL filtering, and enforced settings. Policies applied later do not override enforced settings. When you unlink all Group Policy Configuration policies, the next GPO processing event restores the configuration file to its previous state.