As you may have heard last week, or seen in our newsletter, or read graffiti’d all over the New York subway system, our Group Policy Automation Engine (GPAE) has added support to help organizations manage their Unix systems with Group Policy! OK, maybe that is a stretch, but it was in our newsletter!
We are so excited to enable the configuration of the Dell Authentication Services in the latest version of our automation engine. The areas of support we provide are simple, two pieces, access control and Sudo settings. Who can access Unix Systems, who cannot and if they can, what can the run! Simple, security focused and accessible through automation.
This video walks through some examples of how you can do this. In the video I use some script functions that are provided through our Scripting Expert Toolkit. This will not ship as a part of the Group Policy Automation Engine 4.0 but will be available as a separate download. The user guide that you will find when you install the GPAE has a few examples that use the native cmdlets. The main difference you will see is the code used to reference a GPO/Container or Setting:
- Get a reference to a GPO
- GPAE native – ‘$gpo = Get-SDMGPObject -gpoName “gpo://scico.local/qastest” -openbyname’
- GPAE with Scripting Toolkit – ‘$gpo = Get-GPAEgpo -Name “qastest”
- Get a reference to a Container
- GPAE native – ‘$ACContainer = $gpo.getobject(“Computer Configuration/Unix Settings/Quest Authentication Services/Access Control/”)
- GPAE with Scripting Toolkit – ‘$ACContainer = Get-GPContainer -Path “Computer Configuration/Unix Settings/Quest Authentication Services/Access Control/” -gpo $QASGPO’
The toolkit is provided to help people understand the capabilities around writing your own PowerShell tools and simplifying some process for the IT admin or DevOps engineer who will be utilizing it the most. It provides examples and samples that will be helpful as you build your automation.
The Video goes through two things primarily. The first is how to read existing QAS settings out of a GPO that is already configured and the second is how to write those settings. There is more to come, and more smaples, and more scenarios, but for now this will help set the core context of what can be accomplished today with the automation of Dell Authentication Services settings in Group Policy Objects.
Please take the time to download and evaluate. If you are using our automation engine please provide some feedback and how you use the solution and what kinds of capabilities you ‘wish’ it had. We are always open to feedback!
Best, and we look forward to hearing from you at SDM Software.