Configuring Mac OS X Workstations Using Windows Group Policy

Configuring Mac OS X Workstations Using Windows Group Policy

As Mac OS X becomes an increasingly popular workstation choice inside enterprises, corporate IT departments and helpdesk personnel are looking for tools to enforce the same types of configuration and security settings on Macs that are already available for Windows systems. In this video chalktalk you'll discover how Centrify addresses this need by extending Windows Group Policy services to Mac systems using Centrify's Active Directory integration solution for Mac OS X.

Running Time: 29 minutes


David McNeely, Director, Product Management


Tom Kemp, Chief Executive Officer

Topics Covered

  • An overview of Windows Group Policy, including computer and user policies
  • Why "desktop lockdown" is a key requirement for managing a user's workstation from a security and compliance perspective
  • An architectural overview that shows how Group Policies can be centrally edited and then globally distributed to Mac systems
  • How Centrify maintains a "virtual registry" to hold Group Policy Objects on a Mac system
  • How Windows Group Policy's grouping and filtering features provide more granular policy enforcement over alternative methods
  • The advantages of using familiar Windows management tools for Mac management
  • Example policies, such as: disabling access to removable devices like CD/DVD drives and USB drives: locking the screen after a period of inactivity; and configuring portable home directories
  • How advanced features such as loop-back processing can apply different user settings in different contexts
  • Policies that address specific federal security requirements, including those in the Federal Information Systems Management Act
  • Controlling application settings globally by using Group Policy for bulk distribution of plist settings
  • How Centrify works with other vendors in the Enterprise Desktop Alliance to define a standard set of solutions for managing Mac OS X systems within Windows-centric enterprises