Related Resources
Boardcast: Group Policy for UNIX and Linux
Learn how Likewise Enterprise allows you to extend Active Directory Group Policy to Linux and UNIX systems for one-to-many management.
Whitepaper: Likewise Enterprise Security Benefits
Find out how Likewise Enterprise improves the security of Linux and UNIX computers by allowing computers to authenticate and authorize users through Microsoft Active Directory™.
Related Resources
The Group Policy Agent in Likewise Enterprise extends policy-based management to Mac OS X computers so you can centrally administer all your Mac computers from Active Directory. The Mac policies are integrated into the Microsoft Group Policy Object Editor and the Microsoft Group Policy Management Console.
Likewise Mac group policies work like other group policies. After Likewise joins a Mac OS X computer to Active Directory, the Likewise Group Policy Agent runs in the background to pull group policy objects from Active Directory and apply them to the Mac. The results are the following listed benefits:
- Centrally manage Mac configuration settings
- Automate enforcement of such IT policies as password length and complexity
- Simplify administrative tasks like shell scripts and cron jobs
- Consistently implement security settings across the enterprise
- View reports about group policies in the Group Policy Management Console
Sample Likewise Mac OS X Policies Likewise Enterprise includes support for configuring Mac system settings with group policies. The following sampling of the Likewise Mac policies can help manage and protect Mac OS X computers.
Mac Group Policy |
Description |
|---|---|
|
Protect a Mac with its Firewall |
This policy enables the built-in firewall on target computers running Mac OS X, blocking unwanted communication. The firewall helps protect all the services in Mac OS X, such as windows sharing, personal file sharing, and remote login, from users on other networks or the Internet. |
|
Block UDP Traffic |
This policy sets the built-in firewall on target computers running Mac OS X to block UDP traffic. Blocking User Datagram Protocol traffic can help secure target computers. |
|
Disable Automatic User Login |
This policy disables automatic login on target computers running Mac OS X. The policy requires a user to log on every time the computer is turned on or restarted. |
|
Log Firewall Activity |
This policy logs firewall activity on target computers running Mac OS X Tiger or later. To help you monitor and audit Mac computers for security issues, the policy turns on firewall logging, which keeps a log of such events as blocked attempts, blocked sources, and blocked destinations. |
|
Secure System Preferences |
This policy locks system preferences on target computers running Mac OS X so that only administrators with the password can change the preferences. |
|
Turn Bluetooth On or Off |
This policy turns on or turns off Bluetooth power on target Mac OS X computers. When Bluetooth power is turned off, other Bluetooth devices, such as wireless keyboards and mobile phones, cannot connect to the computer. |
|
Use Firewall Stealth Mode |
This policy sets the built-in firewall on target computers running Mac OS X to operate in stealth mode.
Stealth mode cloaks the target computer behind its firewall: Uninvited traffic gets no response, and other computers that send traffic to the target computer get no information about it. Stealth mode can help protect the target computer's security. |
|
Use Secure Virtual Memory |
This policy configures target computers running Mac OS X to store application data in secure virtual memory. In case the computer's hard drive is accessed without authorization, the policy sets the target Mac to encrypt the data that it stores in virtual memory. |
|
Make AppleTalk Active |
This policy makes AppleTalk active on target Mac OS X computers. You can also use this policy to make AppleTalk inactive. |
|
Set DNS Servers and Search Domains |
This policy specifies the DNS servers and search domains on target Mac OS X computers. The search domains are automatically appended to names that are typed in Internet applications. |
Active Directory Security Policies
Joining a Mac to Active Directory gives you the ability to apply generic Active Directory security policies to Mac computers, users, and groups. For example, after using Likewise to join a Mac to a domain, you can apply such policies as password complexity, minimum and maximum password length, and password aging requirements.
Viewing Reports on Group Policy Settings
Likewise integrates its Mac group policies into the Microsoft Group Policy Management Console, letting you view reports about the settings of your Mac OS X group policy objects.