You can deploy application files on Linux Agent computers using GPOs to harden, manage, and persist application settings on these computers. With these GPOs in place, any attempts to modify an application configuration from the Linux Agent computer will be overwritten by the GPO configuration.
This is done from the Deploy Files node by importing existing application files into one or more GPOs and assigning the GPOs to the Linux Agent OU. All changes going forward for these applications can then be managed from the GPOs in Active Directory.
For example, if you have a Web Service in your enterprise environment that manages user access on the Internet or Intranet by restricting communication based on IP addresses, you can modify these settings in the GPO.
Before you can manage a Linux Agent application using a GPO, the following prerequisites need to be met:
The GPO must be linked to applicable Linux agents
You need to know the relative path for deploying the configuration file on the agent
You need to know the location of the application file you will use to configure the group policy
To begin managing Linux applications using GPOs:
Expand the domain tree and OU that contains the applicable Linux Agent(s).
Right-click the applicable GPO, and select Edit to open the GPO editor.
Expand Linux Settings in the GPO editor, and click the Deploy Files node.
Click the plus symbol + in the GPEdit Extension and do the following:
Name the new rule.
Click the browse button and locate the application file.
Enter the relative path on the Linux Agent(s) where you will deploy the GPO configuration file.
Click Add.
Once you have the application file added to the GPO, make any required configuration changes from the GPEdit Extension options and save your changes to apply the group policy to the Linux Agent computers.
NOTE:You can add and deploy more than one application configuration to a GPO.