Although IT managers likely havent heard of tiny Vintela Inc., eWEEK Labs tests show the companys namesake Group Policy offering could be just the ticket for Windows-oriented shops that want to manage Unix and Linux systems from a single interface. VGP (Vintela Group Policy) 1.0, released last month and costing $5 per user and $50 per server license, should be a hit with Microsoft Corp. Windows Group Policy aficionados. After integrating Red Hat Inc. Fedora Core 2 Linux servers into a Microsoft Windows Active Directory domain and loading VAS (Vintela Authentication Services), we could apply user log-on scripts, along with a host of other Group Policy tasks, almost as if the test machines were native Active Directory objects.VGP uses the Kerberos function in Active Directory as a standards-based strong network authentication tool. For IT managers who need to live up to the audit requirements of the Sarbanes-Oxley Act and HIPAA (Health Insurance Portability and Accountability Act), using VGP and VAS could significantly reduce compliance costs. Although VGP is a newcomer, we think its well worth considering as a part of a tool kit for heterogeneous system management. During tests, we were able to apply group policies with ease to users logging in to a variety of Linux operating systems, including Novell Inc.s SuSE Linux. But this ease came only after some painstaking configuration of VAS on SuSE Linux systems running on IBM 325 eServers. Once we integrated the Linux systems into Windows Active Directory, it was a fairly simple matter to use the VGP extensions to the MMC (Microsoft Management Console) to control our systems. VGP adds a Unix tab to the MMC properties box associated with each non-Windows system where it is installed. VGP is a first-release product, and there are very few out-of-the-box conveniences. However, we found that two Linux/Unix commands, chron and sudo, can start some batch reporting jobs after work hours, and execute commands as the root user, respectively. Company officials made it clear that other commands and tools will be included in subsequent releases. Even though some parts of VGP were a bit thin on the ground, Vintela has been working for the last three years to develop a variety of system tools to integrate Unix/Linux and Windows management. This work showed in some sophisticated account procedures we used during testing. Strong user access control and account override configurations are the most important features in the cadre of nicely developed capabilities in VGP. Many Linux and Unix applications require local user account authentication, and (after loading the VAS software on our various Linux systems), we could set up user access control in Group Policy with very little effort. Furthermore, we could designate the location of a shell command depending on which Linux system a user accessed. This sophisticated feature was fairly simple to implement, and IT managers likely wont incur significant training costs for VGP if they already have Windows Group Policy experts on hand. Even shops that dont practice the gospel according to Microsoft might want to take a look at using VGP and Group Policy to administer heterogeneous systems. Technical Director Cameron Sturdevant is at email@example.com. Check out eWEEK.coms Linux & Open Source Center at http://linux.eweek.com for the latest open-source news, reviews and analysis.
Click here to read a review of Softerras LDAP Administrator 3.1, which allows administrators to corral disparate directories.