Safeguard Authentication Services Group Policy
The Microsoft Group Policy management solution is included as an integral part of the Microsoft Windows Server and allows administrators to define configurations for both Windows servers and desktops. Windows Administrators can use Group Policy to set policies that apply across a given site, domain, or range of organizational units (OUs) in Active Directory.
Group Policy allows administrators to use Microsoft Group Policy to manage configuration settings for non-Windows operating systems and applications. Safeguard Authentication Services allows Group Policy to become a single integrated tool for managing resource configuration in your enterprise, Windows and non-Windows alike.
Group Policy
Microsoft Group Policy provides excellent policy-based configuration management tools for Windows. Group Policy allows you to manage Unix resources in much the same way. Group Policy allows you to consolidate configuration management tasks by using the Group Policy functionality of Microsoft Windows Server to manage Unix operating systems and Unix application settings.
To open Group Policy, click Group Policy on the left navigation panel of the Safeguard Authentication Services Control Center.
Administrative interface
In order to achieve seamless integration with the Group Policy user interface, the Group Policy interface is written as a Microsoft Management Console (MMC) snap-in extension. It is specifically designed to transparently plug into the Group Policy Object Editor (GPOE) console. The policies necessary to provide Unix management from the GPOE are integrated into the existing GPOE policy namespace.
With Group Policy, administrators use the same familiar tools (the GPOE) to manage Unix group policies as they use to manage Windows group policies. Because Group Policy adheres to the same Group Policy association and application rules, administrators are able to quickly generate useful policies for management of Unix configuration settings without significant user interface training.
Unix agent technology
In order to deliver the expected Group Policy functionality for Unix, the Group Policy client-side components for Unix are designed to mirror the functionality of the Microsoft Group Policy client-side components for Windows. Specifically, Group Policy provides an extensible infrastructure for writing Unix client-side extensions (CSEs). The flexibility of Group Policy's client-side components allows Group Policy to offer a limitless resource for creating configuration management strategies.
Group Policy ships with several client-side extensions that provide the basis for managing many aspects of Unix operating systems and applications. Developers can extend Group Policy by adding CSEs. Administrators can use Administrative Template (ADM) files to add custom Unix policy settings.
Group Policy uses the same Group Policy object processing model that is used by the Windows winlogon service including scoping and filtering of Group Policy objects. Policy settings applied through Group Policy are "non-tattooing." The Group Policy agent also provides tools for calculating the Resultant Set of Policy (RSoP) before and after policy application.
