News Stay informed about the latest enterprise technology news and product updates.

Group Policy controls extended to Unix, Linux

A new third-party offering lets administrators apply policies to servers regardless of whether they are Windows, Linux or Unix based.

Microsoft has made no secret of its determination to expand into the data center, but this growth may not happen by the company's own hand.

Today, one of Microsoft's partners, Vintela Inc., Lindon, Utah, plans to release software that lets IT administrators bring the functions of Microsoft's Group Policy to Unix and Linux systems so they can be centrally managed by a Windows administrator. The software, called Vintela Group Policy (VGP), lets IT administrators apply the same policies to those servers as they would to any Windows server.

… as companies do more application integration, they will need to extend [cross-platform] services.

Corey Ferengul, analyst,

Meta Group Inc.

Demand for such cross-platform services is still in its infancy, some experts said. Most Windows shops consider Windows services just for those platforms and don't expect to extend those to another platform, said Corey Ferengul, an analyst at Meta Group Inc., in Stamford, Conn. "But as companies do more application integration, they will need to extend those services," he said.

There are some companies that are ready now. A security adviser for one major Connecticut insurer, who asked not to be named, said he is interested in using VGP to manage his Network Information System (NIS) mappings. NIS is a Unix-based distribution naming service, which lacks security and cannot be easily extended.

"We want a central location for managing this information so it's not in the hands of a local administrator," the security adviser said. "We want to map it back to our overall strategy and administration model we use for Windows."

A limited tryout is planned

The insurer has tested the software for only about three weeks. The company will start small, on just a few servers. And if it works well enough, the software could be installed across hundreds of servers in the enterprise.

For more information

Check out a Group Policy learning guide


See the Best Web Links on server administration

VGP, which is software that runs on a Unix or Linux server, is a component to Vintela's Authentication Services (VAS) software. VAS is mainly an identity management platform that brings centralized logon and single sign-on across multiple platforms. The company said it is adding support for IBM's AIX 64-bit, AIX 5.1 and 5.2, plus Sun Microsystems Inc.'s Solaris 9 on x86 and on SPARC.

Today, administrators need two approaches to manage Windows and Linux. Even with VAS and VGP you still have to do that, but at least the software provides one-stop administration, said Jeremy Moskowitz, a Wilmington, Del.-based author and consultant.

Moskowitz said the only option that is remotely similar can be done using Samba, the open source suite, to let Windows, Linux, Unix and other clients and servers communicate. Samba uses the TCP/IP protocol to link to Windows clients and servers as if the host were also a Windows server.

New approach to directories needed

Samba might be tricky for some and there are few tools to help make the job easier. There is one developed by Nitrobit, an Offenbach, Germany-based software company. That product uses Group Policy to let Windows clients talk to Linux servers.

For a product like VGP to be successful, customers will have to start thinking about creating global directories as opposed to platform directories, Meta's Ferengul said. Active Directory might no longer be used just for the Windows platform, for example. And other directories could be expanded outside of their stovepipes, Ferengul said.

The approach won't be cheap. VAS 2.6, which is available today, is licensed per server and per Unix-enabled accounts in Active Directory. It costs $200 per server and starts at $25 per user account in a 10-user pack. VGP 1.0 pricing starts at $50 per server and $5 per user.

Dig Deeper on Windows systems and network management