[Samba] Group Policy Linux Machines
gcarter at aesgi.com
Fri Feb 1 15:31:00 MST 2013
Replace ibus with dbus in my comments.
I am having issues with ibus (Fedora 18) right now writing a letter in
Chinese, and it was on my mind.
对不吃 -:) (sorry)
In any case,
I think is too much Microsoft centric. I mean tools like SCCM do the job
nicely on the windows side, but I want this rat race to end with just
the SMB part of the equation which in its current iteration, SMB is a
fairly nice file network protocol.)
Ideally this management or policy server for Linux would digitally sign
each workstation in a particular policy group, then simply send XML
message trees to the client daemon on the workstation where it would
read the XML tree and configure pam.d authentication modules, remove or
install rpm/deb packages and that is about it.
I think that would address almost 80% of the issues on this list I have
I mean it really could be that simple. That hardest part would be
generating the X509 documents for the workstations and organizing them
with some sort of utility that won't drive the average person insane
managing possibly thousands of certs and what certs belong to what
policies you create.
The other 20% of the issue I think is how to integrate with Samba. To
start with that I think defining policies at login that have anything to
do with SAMBA, such as mount points would be a good place to start. Then
naturally printer organization and setup.
Then we can get at the last 5% which is possible combination of policy
groups across different architectures to enforce a given policy for storage.
(i.e. possibly writing a service for Windows/OS X which does something
similar under LINUX.)
But I think it makes a sane approach to understand that this wouldn't be
a project to replace SCCM.
On 02/01/2013 03:50 PM, Chris Weiss wrote:
> On Fri, Feb 1, 2013 at 3:44 PM, Gregory Carter <gcarter at aesgi.com> wrote:
>> I would like to submit a RFP for Group Policy Implementation on Linux
> this seems relevant, I've not tried implementing though.
More information about the samba