Privilege Management for Unix & Linux Servers Settings

This section describes how to use Privilege Management for Unix & Linux Servers to configure policy settings to support Privilege Management for Unix & Linux Servers.

Using the Privilege Management for Unix & Linux Servers Rule Editor and configuration file, you can create and change simple Privilege Management for Unix & Linux Servers policy rules.

Using the Rule Editor, you can enable or disable specific rules.

Privilege Management for Unix & Linux Servers policy data can be exported to a local file, edited manually, and imported to Active Directory from a local file.

Policy Rules Data

The policy data is saved to a .csv file. When the client-side agent applies the data from this Group Policy setting to a Privilege Management for Unix & Linux Servers Policy Server, the resulting collection of policy rules data will be at the following location: /etc/pb/Policy.csv.

If more than one Group Policy Object (GPO) has defined Policy Rules Data in the Active Directory policy hierarchy that applies to a given Privilege Management for Unix & Linux Servers Policy Server computer, the client-side agent determines which of all the policy settings should be applied based on targeting (filtering by host, system type), and precedence (link order and hierarchy). The resultant set of policy rules data is combined and written to the final /etc/pb/Policy.csv file to represent the union of all rules.

For more information, see Export, Manually Edit, and Import PMUL Rules.

Priority of Rules Within a GPO

Priority of rules within a GPO is defined in the Privilege Management for Unix & Linux Servers GPO Properties dialog box. If multiple GPOs containing Privilege Management for Unix & Linux Servers policy settings are applicable to a Privilege Management for Unix & Linux Servers Policy Server, the processing order of the GPOs is defined by their relative position in the Active Directory hierarchy. The closer a GPO is to the Privilege Management for Unix & Linux Servers Policy Server, the higher priority it has.