Linux Agent GPO settings include rules for Firewall, Services, OpenSSH, Custom Configuration Files, and managing Active Directory logins. The Firewall settings include default Allow and Deny helper rules that you can configure, but you can also define custom Firewall rules.
Before deploying any configuration changes in your production environment, we strongly recommend that you first deploy GPOs in a Linux test environment to minimize the risk of introducing harmful Group Policy errors.
For examples of how to configure Linux Agent Settings in the GPO editor, see Managing Linux GPO Settings.
Setting Type |
Setting Name |
Setting Data Type |
Input Value (if any) |
---|---|---|---|
Firewall |
All TCP |
Allow/Deny |
|
|
All UDP |
Allow/Deny |
|
|
SSH |
Allow/Deny |
|
|
HTTP |
Allow/Deny |
|
|
HTTPS |
Allow/Deny |
|
|
Samba |
Allow/Deny |
|
|
SMTP |
Allow/Deny |
|
|
MySQL |
Allow/Deny |
|
|
FTP |
Allow/Deny |
|
|
|||
Services |
Start |
String |
|
|
Stop |
String |
|
|
Restart |
String |
|
|
|
|
|
Configuration Files
|
|
|
|
SSH |
Log Level |
String Enum |
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, DEBUG3 |
|
Set Login Grace Time |
Integer |
|
|
Set Client Alive Count Max |
Integer |
|
|
Use GSSAPI Authentication |
String Enum |
yes, no |
|
Use GSSAPI KeyExchange |
String Enum |
yes, no |
|
Use GSSAPI Cleanup Credentials |
String Enum |
yes, no |
|
Use Challenge Response Authentication |
String Enum |
yes, no |
|
Use PAM |
String Enum |
yes, no |
|
Use Password Authentication |
String Enum |
yes, no |
|
Allow Users |
String |
|
|
Deny Users |
String |
|
|
Deny Groups |
String |
|
Sudoers |
Number Text True /False Yes /No |
Integer String String Enum String Enum |
|
|
|
|
|
Deploy Files |
Source File |
String |
|
|
|
|
|
Execute Commands |
Command |
String |
|
|
|
|
|
AD Logins
|
|
|
|
On Premises |
AD login provider mode |
String Enum |
add, simple, deny |
|
Allow these AD users to log in |
String |
|
Allow these AD groups to log in |
String |
|
|
Prevent these AD users from logging in |
String |
|
|
Prevent these AD groups from logging in |
String |
|
|
Cloud |
Allow these AD groups to log in |
String |
|
|
Allow users matching this LDAP filter to log in |
String |
|