立即与支持人员聊天
与支持团队交流

Safeguard Authentication Services 6.0.1 - Administration Guide

Privileged Access Suite for UNIX Introducing One Identity Safeguard Authentication Services UNIX administration and configuration Identity management Migrating from NIS Managing access control Managing local file permissions Certificate Autoenrollment Integrating with other applications Managing UNIX hosts with Group Policy
Safeguard Authentication Services Group Policy
Group Policy Concepts UNIX policies One Identity policies
Display specifiers Troubleshooting Glossary

Group Policy Configuration policy

The Group Policy Configuration policy allows you to manage the options that control the UNIX Group Policy agent. On UNIX these options are stored in the /etc/opt/quest/vgp/vgp.conf file.

Group Policy Configuration policies support non-tattooing, block inheritance, ACL filtering, and enforced settings. Policies applied later do not override enforced settings. When you unlink all Group Policy Configuration policies, the next GPO processing event restores the configuration file to its previous state.

Configuring Group Policy options

This section describes how to configure Group Policy options.

To configure Group Policy options

  1. Start Group Policy Editor.

  2. Navigate to the UNIX Settings > Safeguard Authentication Services > Client Configuration node.

  3. Double-click Group Policy Configuration in the results view to open the Group Policy Configuration Properties dialog.

    The Properties dialog contains a list of configuration settings.

  4. Enter the configuration settings. Detailed help text is available for each setting. You can resize the help window using the splitter control between the settings and the help text.

  5. Click OK.

    NOTE: Options that are not set (blank) use the default value defined by Group Policy. Any options that are set in the policy override local settings stored in the configuration file.

Client-Side Extensions policy

The Client-Side Extensions policy determines which Client-Side Extensions (CSEs) apply policy and in what order.

To determine policy processing order, check the Define this policy option in the Client-side Extensions Properties dialog. Click Add, Edit, Remove, Move Up, Move Down, or Reset to change the policy processing configuration.

For security reasons the following extensions cannot be removed from policy processing:

  • Licensing Extension

  • Safeguard Authentication Services Configuration Extension

  • Microsoft Security Extension

  • Macintosh Settings Extension

Safeguard Authentication Services policies

One goal of Group Policy is to simplify and centralize Safeguard Authentication Services configuration data. Use Safeguard Authentication Services Policies to configure everything from basic settings to advanced host access control and account override information.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级