Managing/Importing New Group Policy Templates

Showing results for 
Search instead for 
Do you mean 
Reply
Participant II
Posts: 3
Registered: ‎08-07-2016
#1 of 2 170

Managing/Importing New Group Policy Templates

Summary:  We have a small MacOS subset of a larger (Windows) environment.  The environment has an ADCS that all machines get certificates from via group policy.  A primary reason we originally purchased Centrify was to use the DC client for certificate enrollment (on the Macs; we don't have Centrify on Windows at all).  We also use it for a few other policy settings but that's about it.  While we've done a good job at keeping the DC client up to date on the Mac endpoints we have not imported group policy templates in quite a while.  If I'm understanding things correctly there is no master ADMX template that can be loaded into SYSVOL and you're supposed to import the template into existing group policy objects.  The person who originally set up GP for the Macs via Centrify broke things out into many individual GPOs, for example, we have one for "Centrify - Firewall", "Centrify - Accounts", etc. 

 

Question:  If I go to edit one of these existing policies I can right-click on "Centrify Settings" and can see the two existing XML templates being used.  Would I just add the new templates to each individual GPO ("Firewall", "Accounts", etc.) one at a time?  How much do I need to worry about this impacting existing settings?  Or....maybe everything I've laid out is wrong and there is a different way to do this....

Centrify Guru I
Posts: 2,433
Registered: ‎07-26-2012
#2 of 2 166

Re: Managing/Importing New Group Policy Templates

@doitsas,

 

Welcome back to the community.

 

Part of keeping your environment up to date and to discover new features on the Mac capabilities is to update your GPO templates.  When you upgrade the components in your management station, open GPMC and right click the Centrify Settings and select Add/Remove templates.

 

You can easily see by timestamp how outdated your templates may be

template1.png

Press Add.  Below are the timestamps of the 18.11 version.

template2.png

 

Select the template in question and commit

template3.png

 

Update on any other places the template has been used.

 

Note that moving forward, all Mac-related capabilities are supported by Idaptive.  This answer was provided as a courtesy.

 

======================

Idaptive Products (Direct Control for Mac agent and SAP Plug-Ins) are now available for download from the Idaptive Download center. For any issues or help, please contact Idaptive Support via https://support.idaptive.com/s/ or call +1-408-495-8118.

 

R.P

 

 

 

Want to learn more about practical Centrify examples? Check out my blog at http://centrifying.blogspot.com
Follow Centrify: