INTERFACES AND METHODS FOR GROUP POLICY MANAGEMENT
First Claim
1. In a computing environment, a method comprising:
- receiving a request to manage security settings of a group policy data construct;
generating a permissions table based on security information associated with the group policy data construct, wherein each row in the permissions table corresponds to a trustee and each column in the permissions table corresponds to a directory service permission, wherein each cell in the permissions table contains data regarding an access state, whether the access state is inherited, and whether the access state is inheritable;
changing the permissions table to satisfy the request;
saving security settings to the group policy data construct based on the changed permissions table; and
performing a check of the permissions table to determine whether each access state is either in a state of allowed or in a state of denied.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for managing group policy objects in a network, including interfaces that allow access by programs or a user interface component to functions of a group policy management console that performs management tasks on group policy objects and other related objects. The interfaces abstract the underlying data storage and retrieval, thereby facilitating searching for objects, and providing the ability to delegate, view, change and permissions on those objects, and check and save those permissions. Modeling and other test simulations are facilitated by other interfaces. Other interfaces provide dynamic and interactive features, such as to convey progress and rich status messages, and allow canceling of an ongoing operation. Still other interfaces provide methods for operating on group policy related data, including group policy object backup, restore, import, copy and create methods, and methods for linking group policy objects to scope of management objects.
-
Citations
7 Claims
-
1. In a computing environment, a method comprising:
-
receiving a request to manage security settings of a group policy data construct; generating a permissions table based on security information associated with the group policy data construct, wherein each row in the permissions table corresponds to a trustee and each column in the permissions table corresponds to a directory service permission, wherein each cell in the permissions table contains data regarding an access state, whether the access state is inherited, and whether the access state is inheritable; changing the permissions table to satisfy the request; saving security settings to the group policy data construct based on the changed permissions table; and performing a check of the permissions table to determine whether each access state is either in a state of allowed or in a state of denied. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsCheng, Derek C.Y., Treit, Mike A. JR., Gupta, Rahul, Tanner, Carey, Whalen, William J., Shaji, Ullattil
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/1
-
CPC Class CodesH04L 41/082 the condition being updates...H04L 41/084 Configuration by using pre-...H04L 41/0856 by backing up or archiving ...H04L 41/0893 Assignment of logical group...H04L 41/0894 Policy-based network config...
