3.1 Accessing or Creating Group Policy Objects
In order to modify, create, or delete group policies for Linux Agent computers in the Active Directory domain, you either need work with existing GPOs or create new GPOs. These GPOs must be linked to any applicable Linux agents in an OU for the group policies to be effective.
When you locate a GPO or create a new one, you open the Group Policy Management Editor, expand the Linux Agent Settings node, and use the AD Bridge GPEdit Extension snap-in to make policy changes in the editor.
In general, you will use the plus symbol to add or access settings or rules, if they are not selectable in the snap-in pane, and you will use the delete symbol to remove them.
To open the GPEdit Extension snap-in on a GPO:
-
Open the GPMC on the domain controller where the GPEdit Extension was installed or from a server in the same domain.
-
Expand the domain tree and OU that contains the Linux Agent.
-
Right-click the applicable GPO, and select to open the GPO editor.
If needed, you can create a new GPO that is linked to the OU and then open the editor from the new object.
-
Expand in the GPO editor to access the setting nodes and the GPEdit Extension.
The GPEdit Extension snap-in is shown below as it appears on a new GPO when first opening the Firewall policy settings.
