Systems and methods for managing policies on a computer
CAFCFirst Claim
1. A computer system comprising:
- a Unix computer having a Unix operating system, a tangible storage medium, and a computer processor;
a translator manager stored in the tangible storage medium; and
a translator stored in the tangible storage medium, wherein the Unix computer is configured to be connected to a heterogeneous computer network having computers with multiple operating systems, including at least the Unix computer and a Windows computer that cannot natively manage configuration information on the Unix computer, so as to transform the heterogeneous computer network into a transformed heterogeneous computer network in which the Windows computer uses Windows native policies to manage configuration information on the Unix computer, wherein the transformed heterogeneous computer network comprises;
the Windows computer, having a Windows policy editor configured to create policies that can be read, in their native format, by a Windows client computer to set policy settings on the Windows client computer but that cannot be read, in their native format, by a Unix client computer to set policy settings on the Unix client computer;
the Unix computer, wherein execution of the translator manager and the translator by the computer processor causes the Unix computer to;
receive a Windows policy that was constructed on the Windows computer according to a policy standard developed for and utilized by, the Windows operating system, wherein the Unix operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system;
execute the translator, the translator configured to execute under the Unix operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the Unix operating system;
store the configuration information on the Unix computer;
maintain an association between the Windows policy and the configuration information;
detect a change to the Windows policy on the Windows computer;
determine that the configuration information on the Unix computer, for which there is an association with the changed Windows policy, needs to be changed;
execute the translator to translate the changed Windows policy into changed configuration information usable by the Unix operating system; and
store the changed configuration information on the Unix computer;
wherein the Windows policy is a Windows policy file used to set configurable options for at least one computer user, and wherein, after translation by the Unix computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the Unix computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the Unix computer.
27 Assignments
0 Petitions
Reexamination
Accused Products
Abstract
An apparatus, system, and method are disclosed for managing policies on a computer having a foreign operating system. Policies may specify hardware or software configuration information. Policies on a first computer with a native operating system are translated into configuration information usable on a second computer having a foreign operating system. In an embodiment, a translator manager manages the association between the policy on the first computer and the translator on the second computer. Computer management complexity and information technology management costs are reduced by centralizing computer management on the native operating system. Further reductions in management complexity are realized when the present invention is used in conjunction with network directory services.
413 Citations
19 Claims
-
1. A computer system comprising:
-
a Unix computer having a Unix operating system, a tangible storage medium, and a computer processor; a translator manager stored in the tangible storage medium; and a translator stored in the tangible storage medium, wherein the Unix computer is configured to be connected to a heterogeneous computer network having computers with multiple operating systems, including at least the Unix computer and a Windows computer that cannot natively manage configuration information on the Unix computer, so as to transform the heterogeneous computer network into a transformed heterogeneous computer network in which the Windows computer uses Windows native policies to manage configuration information on the Unix computer, wherein the transformed heterogeneous computer network comprises; the Windows computer, having a Windows policy editor configured to create policies that can be read, in their native format, by a Windows client computer to set policy settings on the Windows client computer but that cannot be read, in their native format, by a Unix client computer to set policy settings on the Unix client computer; the Unix computer, wherein execution of the translator manager and the translator by the computer processor causes the Unix computer to; receive a Windows policy that was constructed on the Windows computer according to a policy standard developed for and utilized by, the Windows operating system, wherein the Unix operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system; execute the translator, the translator configured to execute under the Unix operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the Unix operating system; store the configuration information on the Unix computer; maintain an association between the Windows policy and the configuration information; detect a change to the Windows policy on the Windows computer; determine that the configuration information on the Unix computer, for which there is an association with the changed Windows policy, needs to be changed; execute the translator to translate the changed Windows policy into changed configuration information usable by the Unix operating system; and store the changed configuration information on the Unix computer; wherein the Windows policy is a Windows policy file used to set configurable options for at least one computer user, and wherein, after translation by the Unix computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the Unix computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the Unix computer. - View Dependent Claims (2, 3)
-
-
4. A method of managing policies on a computer having a Linux operating system, the method comprising:
-
storing a translator manager in a tangible storage medium of a Linux computer connected to a heterogeneous computer network having computers with multiple operating systems, including at least the Linux computer and a Windows computer that has a Windows policy editor configured to create policies that can be read, in their native format, by a Windows client computer to set policy settings on the Windows client computer but that cannot be read, in their native format, by a Linux client computer to set policy settings on the Linux client computer; and storing a translator in a tangible storage medium of the Linux computer, wherein execution of the translator manager and the translator by a computer processor of the Linux computer causes the Linux computer to; receive a Windows policy that was constructed on the Windows computer according to a policy standard developed for and utilized by, the Windows operating system, wherein the Linux operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system; execute the translator, the translator configured to execute under the Linux operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the Linux operating system; store the configuration information on the Linux computer; maintain an association between the Windows policy and the configuration information; detect a change to the Windows policy on the Windows computer; determine that the configuration information on the Linux computer, for which there is an association with the changed Windows policy, needs to be changed; execute the translator to translate the changed Windows policy into changed configuration information usable by the Linux operating system; and store the changed configuration information on the Linux computer; wherein the Windows policy is a Windows policy file that can be associated with an object in a Windows directory service, and wherein, after translation by the Linux computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the Linux computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the Linux computer. - View Dependent Claims (5, 6)
-
-
7. A signal bearing medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform operations to manage policies on a computer having a non-Windows operating system, the operations comprising:
-
receiving a Windows policy on a second computer having a non-Windows operating system, the Windows policy constructed on a first computer having a Windows operating system according to a policy standard developed for and utilized by, the Windows operating system, wherein the non-Windows operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system; and executing a translator on the second computer, the translator configured to execute under the non-Windows operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the non-Windows operating system; storing the configuration information on the non-Windows computer; maintaining an association between the Windows policy and the configuration information; detecting a change to the Windows policy on the Windows computer; determining that the configuration information on the non-Windows computer, for which there is an association with the changed Windows policy, needs to be changed; executing the translator to translate the changed Windows policy into changed configuration information usable by the non-Windows operating system; and storing the changed configuration information on non-Windows computer; wherein the policy is used to set configurable options of the second computer such that the first computer at least partially manages configuration of the second computer, and wherein, after translation by the non-Windows computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the non-Windows computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the non-Windows computer. - View Dependent Claims (8, 9)
-
-
10. A group policy management system comprising:
-
a first computer having a Windows operating system and configured to create a group policy in a format that is native to the Windows operating system and that defines configuration of at least one application for each of a plurality of users within a group and to transmit the group policy to a plurality of other computers, wherein the first computer cannot natively manage configuration information on a non-Windows computer and wherein the group policy can be read, in its native format, by a Windows client computer to set policy settings on the Windows client computer but cannot be read, in its native format, by a non-Windows client computer to set policy settings on the non-Windows client computer; and a second computer having a non-Windows operating system and configured to; receive a group policy from the first computer in the format that is native to the Windows operating system; translate the group policy into a translated group policy that has a format that is native to the non-Windows operating system; apply the translated group policy on the second computer, thereby configuring at least one application in accordance with the group policy; maintain an association between the group policy on the first computer and the translated group policy on the second computer; detect a change to the group policy on the first computer; determine that the translated group policy on the second computer, for which there is an association with the changed group policy on the first computer, needs to be changed; translate the changed group policy on the first computer into a changed translated group policy; and apply the changed translated group policy on the second computer; wherein the group policy is used to set configurable options of the second computer such that the first computer at least partially manages configuration of the second computer, and wherein, after translation by the second computer, the Windows policy remains centrally managed and updated by the first computer, and updates to the policy are propagated to the second computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the second computer. - View Dependent Claims (11, 12)
-
-
13. A group policy execution system comprising computer hardware configured to perform operations comprising:
-
receiving, at a computer having a non-Windows operating system, a Windows group policy that has a format that is native to a Windows operating system but is not native to the non-Windows operating system and that defines configuration information for each of a plurality of users within a group, wherein the Windows group policy can be read, in its native format, by a Windows client computer to set policy settings on the Windows client computer but cannot be read, in its native format, by a non-Windows client computer to set policy settings on the non-Windows client computer; translating the Windows group policy into a translated group policy that has a format that is native to the non-Windows operating system; and applying the translated group policy on the computer; maintaining an association between the Windows group policy and the translated group policy; detecting a change to the Windows group policy on the Windows computer; determining that the translated group policy on the non-Windows computer, for which there is an association with the changed Windows group policy, needs to be changed; translating the changed Windows group policy into a changed translated group policy; and applying the changed translated group policy on the computer; wherein the group policy is a Windows policy file used to set configurable options for a group of computer users, and wherein, after translation by the computer, the Windows group policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the computer. - View Dependent Claims (14, 15)
-
-
16. An application configuration policy execution system comprising computer hardware configured to perform operations comprising:
-
receiving, at a computer having a first operating system, an application configuration policy that has a format that is native to a second operating system but is not native to the first operating system and that defines a configuration of at least one application for each of a plurality of users within a group; translating the application configuration policy into a translated application configuration policy that has a format that is native to the first operating system; applying the translated application configuration policy on the computer, thereby configuring at least one application in accordance with the application configuration policy; maintaining an association between the application configuration policy and the translated application configuration policy; detecting a change to the application configuration policy; determining that the translated application configuration policy, for which there is an association with the changed application configuration policy, needs to be changed; translating the changed application configuration policy into a changed translated application configuration policy that has a format that is native to the first operating system; and applying the changed translated application configuration policy on the computer, thereby configuring at least one application in accordance with the changed application configuration policy, wherein, after translation by the computer, the application configuration policy remains centrally managed and updated under a format that is native to the second operating system, and updates to the application configuration policy are propagated to the computer, such that use of native policies under the second operating system is extended to allow an administrator to use policies native to the second operating system to manage application configuration policies on the computer having the first operating system. - View Dependent Claims (17, 18, 19)
-
Specification