File System Settings in AD Bridge

GPO Name Description
Files, Directories and Links

You can define a group policy to create directories, files, commands, and symbolic links on target computers. This policy can be applied to either computers or users.

The policy, which is not inherited, does not concatenate a series of settings across multiple group policy objects in different locations in the Active Directory hierarchy. Instead, the closest local policy object is applied.

You can add more than one script when setting up scripts using this policy setting. All scripts will automatically merge and run. Note that a script can be applied at the system level using the Run Scripts policy.

For example, you might want to run a common script (for example, /etc/resolv.config) on all systems but then configure other scripts that are different depending on the system (for example, /etc/sysconfig/iptables). Configure the system specific policies using a Files, Directories and Links policy setting.

When setting up the local user or local group, you can prefix the ID with a number sign (#). AD Bridge Enterprise does not validate a user or group ID prefixed by a number sign; you must provide a valid user or a valid group. To use the ID of 0 for the root account, however, do not use the # prefix.

AutoMount

Starts a daemon that automatically mounts a file system on target computers. When a user tries to access an unmounted file system, the file that you associate with this policy automatically mounts it.

If Apply Policy is set to Always (default), any changes to managed system files on the agent system will be replaced when group policy is next applied. If a managed system file is edited or removed, gpupdate will recreate the file on policy refresh. If set to Once, any changes to managed system files on the agent system will only be replaced when the policy is updated or gpagent is restarted.

Backups of existing system files are performed before initial policy application.

Files System Mounts (fstab)

Create a group policy for the file systems table, or fstab, on target computers and add mount entries to it by using a graphical user interface. Fstab, typically located in /etc/fstab, is a configuration file that specifies how a computer is to mount partitions and storage devices.

The mount entries are appended to the contents of /etc/fstab (/etc/vfstab on Solaris), but the file systems are not mounted until you explicitly mount them using a command such as mount -a even though the group policy has been polled by the target computer.

To mount the file systems, you can do one of the following:

  • Log on to the target computer and execute the mount -a command (or a similar command, depending on your operating system) or restart the computer.
  • Run a cron job that resets the mounts remotely or restarts the computer.

 

If Apply Policy is set to Always (default), any changes to managed system files on the agent system will be replaced when group policy is next applied. If a managed system file is edited or removed, gpupdate will recreate the file on policy refresh. If set to Once, any changes to managed system files on the agent system will only be replaced when the policy is updated or gpagent is restarted.

Backups of existing system files are performed before initial policy application.