homepage Welcome to WebmasterWorld Guest from 54.161.214.221
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
"Group Policy" for Linux or UNIX
And idle question...
MattyMoose




msg:907486
 6:34 am on Mar 30, 2006 (gmt 0)

Hi all,

Just some thought food...

As a sysadmin of several networks over the years, I have to say that one of the fantastic benefits of Microsoft's NDS/LDAP lookalike they call ADS is "Group Policies".

I really found myself enjoying the ability to create global settings for all desktops within particular groups of users or computers, or domain-wide. The scope of the settings was rather limited once you tried to do fancier things, I admit, but the basics were there.

What I'm wondering is -- does anyone know if someone is working on a free/open implementation of something similar? I'm talking more than domain membership here, so it's not Samba or NIS that I'm talking about. It would be, IMO, one of the "killer apps" for sysadmins that are looking to roll out *NIX on the front and the back end.

I envision something like a "global settings daemon" or something of that like, which each client runs and it connects to a master server to read its settings from, for anything from Gnome settings for default browser, screensaver policies, etc.

Anyway, I hope I'm making sense, and maybe someone knows of a project which they can point me in the right direction for. :)

Cheers,
MM

 

SeanW




msg:907487
 1:56 pm on Mar 30, 2006 (gmt 0)

Novell has their eDirectory product for Linux. Also look at cfengine.

A lot of the things that GPOs were designed to solve just aren't a problem under Unix because normal users can't mess around outside of /home. Also, proper use of NFS will make software rollouts very easy.

Sean

MattyMoose




msg:907488
 10:59 pm on Mar 30, 2006 (gmt 0)

That's true enough, and I've looked into Novell's eDirectory server, but that's specific to Novell and its Linux products. What I'm looking at is something a bit more global (like it will optionally work for FreeBSD or Linux Slackware, for example).

I understand that most users wouldn't be able to control things outside of their $HOME, but that's part of the problem. If we want users to only use our proxy server, for example, we should be able to push that setting down to our browser that we standardize on (like Firefox, or whatnot). I'd like to be able to 'force' users to use this proxy, and not be able to change it. Yes, I know that in this example, there are ways to enforce that from a network perspective, but I'd rather do the network setup, and set a policy that globally says "FF will use 1.2.3.4 as its proxy, everywhere by default". The trick would be to prevent users from being able to change some things, but allowing them to alter others (ie: Don't change Proxy settings, but allow default home page changes).

Anyway, part of the problem is working in a heterogenous environment with multiple possible browsers ranging from lynx to opera, and no standard place to store settings (like the registry! ;) ).

Ahhh well, it's probably a pipe dream for a F/OSS implementation that stretches across these disparaging platforms and apps.

Cheers,
Matt

SeanW




msg:907489
 1:38 am on Mar 31, 2006 (gmt 0)

Yea, it's pretty much application by application.

pine did it well -- there were two global config files, one was the defaults, the other was the same but the user couldn't override them.

Firefox seems to use the config file for its settings, so something like cfengine could enforce the proxy settings. I'm also wondering if there are environment variables that can be set. Most command line utilities accept $http_proxy, a quick check of firefox shows it doesn't.

Sean

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved