Systems and methods for managing policies on a computer

CAFC

US 8,245,242 B2
Filed: 11/04/2009
Issued: 08/14/2012
Est. Priority Date: 07/09/2004
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A computer system comprising:

a Unix computer having a Unix operating system, a tangible storage medium, and a computer processor;

a translator manager stored in the tangible storage medium; and

a translator stored in the tangible storage medium, wherein the Unix computer is configured to be connected to a heterogeneous computer network having computers with multiple operating systems, including at least the Unix computer and a Windows computer that cannot natively manage configuration information on the Unix computer, so as to transform the heterogeneous computer network into a transformed heterogeneous computer network in which the Windows computer uses Windows native policies to manage configuration information on the Unix computer, wherein the transformed heterogeneous computer network comprises;

the Windows computer, having a Windows policy editor configured to create policies that can be read, in their native format, by a Windows client computer to set policy settings on the Windows client computer but that cannot be read, in their native format, by a Unix client computer to set policy settings on the Unix client computer;

the Unix computer, wherein execution of the translator manager and the translator by the computer processor causes the Unix computer to;

receive a Windows policy that was constructed on the Windows computer according to a policy standard developed for and utilized by, the Windows operating system, wherein the Unix operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system;

execute the translator, the translator configured to execute under the Unix operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the Unix operating system;

store the configuration information on the Unix computer;

maintain an association between the Windows policy and the configuration information;

detect a change to the Windows policy on the Windows computer;

determine that the configuration information on the Unix computer, for which there is an association with the changed Windows policy, needs to be changed;

execute the translator to translate the changed Windows policy into changed configuration information usable by the Unix operating system; and

store the changed configuration information on the Unix computer;

wherein the Windows policy is a Windows policy file used to set configurable options for at least one computer user, and wherein, after translation by the Unix computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the Unix computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the Unix computer.

View all claims

27 Assignments

Timeline View

Assignment View

0 Petitions

Reexamination

Accused Products

Abstract

An apparatus, system, and method are disclosed for managing policies on a computer having a foreign operating system. Policies may specify hardware or software configuration information. Policies on a first computer with a native operating system are translated into configuration information usable on a second computer having a foreign operating system. In an embodiment, a translator manager manages the association between the policy on the first computer and the translator on the second computer. Computer management complexity and information technology management costs are reduced by centralizing computer management on the native operating system. Further reductions in management complexity are realized when the present invention is used in conjunction with network directory services.

413 Citations

19 Claims

1. A computer system comprising:
- a Unix computer having a Unix operating system, a tangible storage medium, and a computer processor;
  
  a translator manager stored in the tangible storage medium; and
  
  a translator stored in the tangible storage medium, wherein the Unix computer is configured to be connected to a heterogeneous computer network having computers with multiple operating systems, including at least the Unix computer and a Windows computer that cannot natively manage configuration information on the Unix computer, so as to transform the heterogeneous computer network into a transformed heterogeneous computer network in which the Windows computer uses Windows native policies to manage configuration information on the Unix computer, wherein the transformed heterogeneous computer network comprises;
  
  the Windows computer, having a Windows policy editor configured to create policies that can be read, in their native format, by a Windows client computer to set policy settings on the Windows client computer but that cannot be read, in their native format, by a Unix client computer to set policy settings on the Unix client computer;
  
  the Unix computer, wherein execution of the translator manager and the translator by the computer processor causes the Unix computer to;
  
  receive a Windows policy that was constructed on the Windows computer according to a policy standard developed for and utilized by, the Windows operating system, wherein the Unix operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system;
  
  execute the translator, the translator configured to execute under the Unix operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the Unix operating system;
  
  store the configuration information on the Unix computer;
  
  maintain an association between the Windows policy and the configuration information;
  
  detect a change to the Windows policy on the Windows computer;
  
  determine that the configuration information on the Unix computer, for which there is an association with the changed Windows policy, needs to be changed;
  
  execute the translator to translate the changed Windows policy into changed configuration information usable by the Unix operating system; and
  
  store the changed configuration information on the Unix computer;
  
  wherein the Windows policy is a Windows policy file used to set configurable options for at least one computer user, and wherein, after translation by the Unix computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the Unix computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the Unix computer.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1, wherein the Windows policy defines configuration of at least one application for each of a plurality of users within a group.
  - 3. The system of claim 1, wherein the Windows policy defines configuration information for each of a plurality of users within a group.

4. A method of managing policies on a computer having a Linux operating system, the method comprising:
- storing a translator manager in a tangible storage medium of a Linux computer connected to a heterogeneous computer network having computers with multiple operating systems, including at least the Linux computer and a Windows computer that has a Windows policy editor configured to create policies that can be read, in their native format, by a Windows client computer to set policy settings on the Windows client computer but that cannot be read, in their native format, by a Linux client computer to set policy settings on the Linux client computer; and
  
  storing a translator in a tangible storage medium of the Linux computer, wherein execution of the translator manager and the translator by a computer processor of the Linux computer causes the Linux computer to;
  
  receive a Windows policy that was constructed on the Windows computer according to a policy standard developed for and utilized by, the Windows operating system, wherein the Linux operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system;
  
  execute the translator, the translator configured to execute under the Linux operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the Linux operating system;
  
  store the configuration information on the Linux computer;
  
  maintain an association between the Windows policy and the configuration information;
  
  detect a change to the Windows policy on the Windows computer;
  
  determine that the configuration information on the Linux computer, for which there is an association with the changed Windows policy, needs to be changed;
  
  execute the translator to translate the changed Windows policy into changed configuration information usable by the Linux operating system; and
  
  store the changed configuration information on the Linux computer;
  
  wherein the Windows policy is a Windows policy file that can be associated with an object in a Windows directory service, and wherein, after translation by the Linux computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the Linux computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the Linux computer.
- View Dependent Claims (5, 6)
- - 5. The method of claim 4, wherein the Windows policy defines configuration of at least one application for each of a plurality of users within a group.
  - 6. The method of claim 4, wherein the Windows policy defines configuration information for each of a plurality of users within a group.

7. A signal bearing medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform operations to manage policies on a computer having a non-Windows operating system, the operations comprising:
- receiving a Windows policy on a second computer having a non-Windows operating system, the Windows policy constructed on a first computer having a Windows operating system according to a policy standard developed for and utilized by, the Windows operating system, wherein the non-Windows operating system does not directly utilize the policy standard developed for, and utilized by, the Windows operating system; and
  
  executing a translator on the second computer, the translator configured to execute under the non-Windows operating system and translate the Windows policy from the policy standard developed for, and utilized by the Windows operating system to configuration information usable by the non-Windows operating system;
  
  storing the configuration information on the non-Windows computer;
  
  maintaining an association between the Windows policy and the configuration information;
  
  detecting a change to the Windows policy on the Windows computer;
  
  determining that the configuration information on the non-Windows computer, for which there is an association with the changed Windows policy, needs to be changed;
  
  executing the translator to translate the changed Windows policy into changed configuration information usable by the non-Windows operating system; and
  
  storing the changed configuration information on non-Windows computer;
  
  wherein the policy is used to set configurable options of the second computer such that the first computer at least partially manages configuration of the second computer, and wherein, after translation by the non-Windows computer, the Windows policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the non-Windows computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the non-Windows computer.
- View Dependent Claims (8, 9)
- - 8. The signal bearing medium of claim 7, wherein the Windows policy defines configuration of at least one application for each of a plurality of users within a group.
  - 9. The signal bearing medium of claim 7, wherein the Windows policy defines configuration information for each of a plurality of users within a group.

10. A group policy management system comprising:
- a first computer having a Windows operating system and configured to create a group policy in a format that is native to the Windows operating system and that defines configuration of at least one application for each of a plurality of users within a group and to transmit the group policy to a plurality of other computers, wherein the first computer cannot natively manage configuration information on a non-Windows computer and wherein the group policy can be read, in its native format, by a Windows client computer to set policy settings on the Windows client computer but cannot be read, in its native format, by a non-Windows client computer to set policy settings on the non-Windows client computer; and
  
  a second computer having a non-Windows operating system and configured to;
  
  receive a group policy from the first computer in the format that is native to the Windows operating system;
  
  translate the group policy into a translated group policy that has a format that is native to the non-Windows operating system;
  
  apply the translated group policy on the second computer, thereby configuring at least one application in accordance with the group policy;
  
  maintain an association between the group policy on the first computer and the translated group policy on the second computer;
  
  detect a change to the group policy on the first computer;
  
  determine that the translated group policy on the second computer, for which there is an association with the changed group policy on the first computer, needs to be changed;
  
  translate the changed group policy on the first computer into a changed translated group policy; and
  
  apply the changed translated group policy on the second computer;
  
  wherein the group policy is used to set configurable options of the second computer such that the first computer at least partially manages configuration of the second computer, and wherein, after translation by the second computer, the Windows policy remains centrally managed and updated by the first computer, and updates to the policy are propagated to the second computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the second computer.
- View Dependent Claims (11, 12)
- - 11. The system of claim 10, further comprising a third computer having a Windows operating system and configured to receive the Windows group policy from the first computer and to apply the group policy on the third computer.
  - 12. The system of claim 11, further comprising a fourth computer having a non-Windows operating system that is different from the non-Windows operating system on the second computer and that is configured to receive a group policy from the first computer in the format that is native to the Windows operating system, to translate the group policy into a translated group policy that has a format that is native to the non-Windows operating system of the fourth computer, and to apply the group policy on the fourth computer.

13. A group policy execution system comprising computer hardware configured to perform operations comprising:
- receiving, at a computer having a non-Windows operating system, a Windows group policy that has a format that is native to a Windows operating system but is not native to the non-Windows operating system and that defines configuration information for each of a plurality of users within a group, wherein the Windows group policy can be read, in its native format, by a Windows client computer to set policy settings on the Windows client computer but cannot be read, in its native format, by a non-Windows client computer to set policy settings on the non-Windows client computer;
  
  translating the Windows group policy into a translated group policy that has a format that is native to the non-Windows operating system; and
  
  applying the translated group policy on the computer;
  
  maintaining an association between the Windows group policy and the translated group policy;
  
  detecting a change to the Windows group policy on the Windows computer;
  
  determining that the translated group policy on the non-Windows computer, for which there is an association with the changed Windows group policy, needs to be changed;
  
  translating the changed Windows group policy into a changed translated group policy; and
  
  applying the changed translated group policy on the computer;
  
  wherein the group policy is a Windows policy file used to set configurable options for a group of computer users, and wherein, after translation by the computer, the Windows group policy remains centrally managed and updated by the Windows computer, and updates to the policy are propagated to the computer, such that use of Windows native policies is extended to allow an administrator to use Windows native policies to manage configuration information on the computer.
- View Dependent Claims (14, 15)
- - 14. The system of claim 13, wherein the Windows group policy defines configuration of at least one application for each of a plurality of users within a group.
  - 15. The system of claim 13, wherein the Windows group policy facilitates management of a group of computers.

16. An application configuration policy execution system comprising computer hardware configured to perform operations comprising:
- receiving, at a computer having a first operating system, an application configuration policy that has a format that is native to a second operating system but is not native to the first operating system and that defines a configuration of at least one application for each of a plurality of users within a group;
  
  translating the application configuration policy into a translated application configuration policy that has a format that is native to the first operating system;
  
  applying the translated application configuration policy on the computer, thereby configuring at least one application in accordance with the application configuration policy;
  
  maintaining an association between the application configuration policy and the translated application configuration policy;
  
  detecting a change to the application configuration policy;
  
  determining that the translated application configuration policy, for which there is an association with the changed application configuration policy, needs to be changed;
  
  translating the changed application configuration policy into a changed translated application configuration policy that has a format that is native to the first operating system; and
  
  applying the changed translated application configuration policy on the computer, thereby configuring at least one application in accordance with the changed application configuration policy, wherein, after translation by the computer, the application configuration policy remains centrally managed and updated under a format that is native to the second operating system, and updates to the application configuration policy are propagated to the computer, such that use of native policies under the second operating system is extended to allow an administrator to use policies native to the second operating system to manage application configuration policies on the computer having the first operating system.
- View Dependent Claims (17, 18, 19)
- - 17. The system of claim 16, wherein the application configuration policy controls behavior of an application for each user within a group.
  - 18. The system of claim 16, wherein the application configuration policy is a group policy.
  - 19. The system of claim 18, wherein the group policy facilitates management of a group of computers.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Quest Software, Inc.
Original Assignee
Quest Software, Inc.
Inventors
Peterson, Matthew T., Peterson, Daniel F.
Primary Examiner(s)
Ho, Andy

Application Number

US12/612,569
Publication Number

US 20100050232A1
Time in Patent Office

1,014 Days
Field of Search

719/319, 709/201, 709/220, 709/223
US Class Current

719/319
CPC Class Codes

G06F 21/6236   between heterogeneous systems

H04L 41/0866   Checking the configuration

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

Systems and methods for managing policies on a computer

First Claim

27 Assignments

0 Petitions

Reexamination

Accused Products

Abstract

413 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for managing policies on a computer

First Claim

27 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

413 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links