The PowerBroker Identity Services, Enterprise Edition Feature Set

The feature set of PowerBroker Identity Services, Enterprise Edition makes the list of drivers for adopting AD bridge software a reality. Here's a list of the key features our AD bridge software provides:

For example, you can use a group policy to control who can use sudo for access to root-level privileges by specifying a common sudoers file for target computers. You could, for instance, create an Active Directory group called SudoUsers, add Active Directory users to the group, and then apply the sudo group policy to the container, giving those users sudo access on their Linux and Unix computers. In the sudoers file, you can specify Windows-style user names and identities. Using a group policy for sudo gives you a powerful method to remotely and uniformly audit and control access to Unix and Linux resources.

• A NIS migration tool that imports Linux, Unix, and Mac OS X password and group files -- typically /etc/passwd and /etc/group -- and automatically maps their UIDs and GIDs to users and groups defined in Active Directory.
• Highly secure Kerberos authentication for Unix, Linux, Mac, and Windows users and groups
• Access control and granular authorization based on a variety of methods.
• Group policies for Unix computers that you can centrally manage from Active Directory with the familiar Microsoft MMC tools: The Group Policy Object Editor and the Group Policy Management Console.
• Identity management of Unix users: Unix user identities are managed through Active Directory Users and Computers, or ADUC, a standard user management tool for Active Directory. It runs on Windows. In addition, our AD bridge solution includes a Likewise Administrative Console plugin that lets you manage AD users from a Linux or Mac computer.
• Kerberos-based single sign-on to Unix machines for users originating from Windows, and vice versa. Likewise provides SSO for Windows and Unix applications, including the following:

The BeyondTrust Administrative Console is an extensible service for running management applications, or snap-ins, on a Linux or Mac computer. The following BeyondTrust snap-ins are available after you install the console:

BeyondTrust Active Directory Users & Computers

Provides administrative access to users, computers, groups, organizational units, and BeyondTrust cells in Active Directory. You can add, delete, and modify the properties of Active Directory objects from your Linux desktop. It also serves as a Linux-side ADSI - you can use it to view and edit Active Directory attribute values.

Event Log View

Event Log View is an event logging component that stores authentication and security events in an embedded SQLite database.

BeyondTrust Group Policy Management Console

Ports the functionality of the GPMC to Linux and Mac computers.

Kerberos Manager

Administer Kerberos tickets, keytabs, and other aspects of Kerberos-based authentication with BeyondTrust.

Cell Manager

A BeyondTrust MMC snap-in for managing cells associated with Active Directory organizational units.

Local Users and Groups

Lets system administrators manage local users and groups on Windows computers from a Linux computer.

BeyondTrust Group Policy Object Editor

Create, modify, and manage your Active Directory group policies from a Linux or Mac computer.