公开(公告)号：US07299410B2

公开(公告)日：2007-11-20

申请号：US10612759

申请日：2003-07-01

申请人： David Kays ,  Ullattil Shaji ,  William J. Whalen ,  Nick Carlson ,  Derek C. Y. Cheng ,  Rhynier Myburgh ,  Rahul Gupta ,  Kenik Hassel

发明人： David Kays ,  Ullattil Shaji ,  William J. Whalen ,  Nick Carlson ,  Derek C. Y. Cheng ,  Rhynier Myburgh ,  Rahul Gupta ,  Kenik Hassel

IPC分类号： G06F5/00

CPC分类号： G06F17/30941 ,  G06F17/30908 ,  G06F17/30914

摘要： A system and method comprising a reporting mechanism for outputting an HMTL and XML document from a collection of hierarchically maintained settings such as group policy object settings or resultant set of policy data. The reporting mechanism provides a substantially complete view of which settings are configured (enabled) in a given group policy object, or a view for a resultant set of policy (that is applied to a given SOM), along with the values of the settings. The markup language format enables viewing a flat representation of the settings, and printing, saving and/or transporting of the settings. XML schemas describe a valid representation of group policy settings, and a valid representation of resultant set of policy.

摘要翻译： 一种系统和方法，包括用于从诸如组策略对象设置或结果集合的策略数据的分层维护设置的集合输出HMTL和XML文档的报告机制。 报告机制提供了在给定组策略对象中配置（启用）哪些设置或针对结果策略集（应用于给定SOM）的视图以及设置值的基本完整视图。 标记语言格式可以查看设置的平面表示，以及打印，保存和/或传送设置。 XML模式描述组策略设置的有效表示，以及有效的表示形式的策略组合。

公开(公告)号：US08117230B2

公开(公告)日：2012-02-14

申请号：US12464108

申请日：2009-05-12

申请人： Ullattil Shaji ,  Rahul Gupta ,  Derek C. Y. Cheng ,  William J. Whalen ,  Carey Tanner ,  Mike A. Treit, Jr.

发明人： Ullattil Shaji ,  Rahul Gupta ,  Derek C. Y. Cheng ,  William J. Whalen ,  Carey Tanner ,  Mike A. Treit, Jr.

IPC分类号： G06F17/30

CPC分类号： H04L41/0856 ,  H04L41/082 ,  H04L41/084 ,  H04L41/0893

摘要： A system and method for managing group policy objects in a network, including interfaces that allow access by programs or a user interface component to functions of a group policy management console that performs management tasks on group policy objects and other related objects. The interfaces abstract the underlying data storage and retrieval, thereby facilitating searching for objects, and providing the ability to delegate, view, change and permissions on those objects, and check and save those permissions. Modeling and other test simulations are facilitated by other interfaces. Other interfaces provide dynamic and interactive features, such as to convey progress and rich status messages, and allow canceling of an ongoing operation. Still other interfaces provide methods for operating on group policy related data, including group policy object backup, restore, import, copy and create methods, and methods for linking group policy objects to scope of management objects.

摘要翻译： 一种用于管理网络中的组策略对象的系统和方法，包括允许程序或用户界面组件访问在组策略对象和其他相关对象上执行管理任务的组策略管理控制台功能的接口。 接口抽象底层数据存储和检索，从而便于搜索对象，并提供对这些对象的委托，查看，更改和权限的能力，并检查并保存这些权限。 其他接口便利建模和其他测试模拟。 其他接口提供动态和交互功能，例如传达进度和丰富的状态消息，并允许取消正在进行的操作。 还有其他接口提供了对组策略相关数据进行操作的方法，包括组策略对象备份，恢复，导入，复制和创建方法以及将组策略对象链接到管理对象范围的方法。

公开(公告)号：US20090222884A1

公开(公告)日：2009-09-03

申请号：US12464108

申请日：2009-05-12

申请人： Ullattil Shaji ,  Rahul Gupta ,  Derek C.Y. Cheng ,  William J. Whalen ,  Carey Tanner ,  Mike A. Treit, JR.

发明人： Ullattil Shaji ,  Rahul Gupta ,  Derek C.Y. Cheng ,  William J. Whalen ,  Carey Tanner ,  Mike A. Treit, JR.

IPC分类号： H04L9/00

CPC分类号： H04L41/0856 ,  H04L41/082 ,  H04L41/084 ,  H04L41/0893

摘要： A system and method for managing group policy objects in a network, including interfaces that allow access by programs or a user interface component to functions of a group policy management console that performs management tasks on group policy objects and other related objects. The interfaces abstract the underlying data storage and retrieval, thereby facilitating searching for objects, and providing the ability to delegate, view, change and permissions on those objects, and check and save those permissions. Modeling and other test simulations are facilitated by other interfaces. Other interfaces provide dynamic and interactive features, such as to convey progress and rich status messages, and allow canceling of an ongoing operation. Still other interfaces provide methods for operating on group policy related data, including group policy object backup, restore, import, copy and create methods, and methods for linking group policy objects to scope of management objects.

摘要翻译： 一种用于管理网络中的组策略对象的系统和方法，包括允许程序或用户界面组件访问在组策略对象和其他相关对象上执行管理任务的组策略管理控制台功能的接口。 接口抽象底层数据存储和检索，从而便于搜索对象，并提供对这些对象的委托，查看，更改和权限的能力，并检查并保存这些权限。 其他接口便利建模和其他测试模拟。 其他接口提供动态和交互功能，例如传达进度和丰富的状态消息，并允许取消正在进行的操作。 还有其他接口提供了对组策略相关数据进行操作的方法，包括组策略对象备份，恢复，导入，复制和创建方法以及将组策略对象链接到管理对象范围的方法。

公开(公告)号：US08244841B2

公开(公告)日：2012-08-14

申请号：US10410865

申请日：2003-04-09

申请人： Ullattil Shaji ,  Rahul Gupta ,  William J. Whalen

发明人： Ullattil Shaji ,  Rahul Gupta ,  William J. Whalen

IPC分类号： G06F7/00 ,  G06F17/00 ,  G06F15/173

CPC分类号： G06F11/1469 ,  G06F11/1415 ,  G06F11/1458

摘要： A system and method for performing various operations on group policy objects, by manipulating group policy objects as a single entity to perform backup, restore, import and copy operations. The backup operation transfers the various subparts of a selected group policy object to a file system. A restore operation restores a backed-up group policy object to its domain, in the same state as when the backup was performed. An import operation transfers the settings within a backed-up source group policy object to a destination group policy object, erasing its previous settings. A copy operation transfers the settings from a source group policy object to a new group policy object. Copy and import operations can be cross-domain, and a migration table can be used to convert security group and UNC pathnames as appropriate for the destination domain. Backup management, rollback of incomplete operations, and support for application deployment are also provided.

摘要翻译： 通过将组策略对象作为单个实体来执行备份，还原，导入和复制操作，对组策略对象执行各种操作的系统和方法。 备份操作将所选组策略对象的各个子部分传输到文件系统。 恢复操作将备份的组策略对象恢复到其域，处于与执行备份时相同的状态。 导入操作将备份的源组策略对象中的设置传输到目标组策略对象，擦除其以前的设置。 复制操作将设置从源组策略对象传输到新的组策略对象。 复制和导入操作可以是跨域的，并且迁移表可用于转换适用于目标域的安全组和UNC路径名。 还提供了备份管理，不完整操作的回滚和应用程序部署的支持。

公开(公告)号：US08316455B2

公开(公告)日：2012-11-20

申请号：US13015018

申请日：2011-01-27

申请人： Collin H. Brace ,  Nathan D. Muggli ,  William B. Lees ,  William J. Whalen

发明人： Collin H. Brace ,  Nathan D. Muggli ,  William B. Lees ,  William J. Whalen

IPC分类号： H04L29/06

CPC分类号： G06F21/6209 ,  H04L9/0827

摘要： Accessing a data set with secret and non-secret data. A method includes accessing a data set image. The data set image comprises secret data. The data set image is derived from an authorized data set associated with a master key that authorizes access to the secret data. The master key is not provided with the data set image. The method further comprises restoring the data set image to a computing system to create a degraded data set. Data in the degraded data set other than the secret data is accessed without restoring the master key.

摘要翻译： 访问具有秘密和非秘密数据的数据集。 一种方法包括访问数据集图像。 数据集图像包括秘密数据。 数据集图像从授权访问秘密数据的主密钥相关联的授权数据集导出。 主密钥没有提供数据集图像。 该方法还包括将数据集映像恢复到计算系统以创建劣化数据集。 在不恢复主密钥的情况下访问除秘密数据之外的劣化数据集中的数据。

公开(公告)号：US07783672B2

公开(公告)日：2010-08-24

申请号：US10410887

申请日：2003-04-09

申请人： William J. Whalen ,  Carey Tanner ,  Matthew Wetmore

发明人： William J. Whalen ,  Carey Tanner ,  Matthew Wetmore

IPC分类号： G06F17/30 ,  G06F7/00

CPC分类号： H04L41/22 ,  H04L41/0893

摘要： Provided are support mechanisms for a user interface mechanism that performs group policy management. The support mechanisms include a context menu map that provides a consistent and efficient way to generate interactive context menus for nodes using only straightforward declarations. The declarations are processed to invoke code with corresponding parameters that in turn generates a data structure corresponding to a context menu that is to be displayed. The data structure is processed into another data structure, from which data is extracted to meet the requirements of a hosting management application. An intermediary communications object is provided to separate the user interface into multiple components which each exchange data. A progress dialog is also provided to update the user as to the progress of lengthy operations performed on various managed objects, and to drive those operations. Refresh logic replicates changes made at one location in the user interface to other nodes.

摘要翻译： 提供用于执行组策略管理的用户界面机制的支持机制。 支持机制包括上下文菜单图，其提供了一致且有效的方式，以便仅使用简单的声明为节点生成交互式上下文菜单。 处理声明以调用具有相应参数的代码，该参数又产生与要显示的上下文菜单相对应的数据结构。 数据结构被处理成另一个数据结构，从中提取数据以满足托管管理应用的要求。 提供中间通信对象以将用户界面分成多个组件，每个组件各自交换数据。 还提供了一个进度对话框来更新用户关于在各种被管理对象上执行的冗长操作的进度，并且驱动这些操作。 刷新逻辑将在用户界面中的一个位置所做的更改复制到其他节点。

公开(公告)号：US07614015B2

公开(公告)日：2009-11-03

申请号：US10410883

申请日：2003-04-09

申请人： William J. Whalen ,  Carey Tanner ,  Matthew Wetmore ,  William P. McDaniel

发明人： William J. Whalen ,  Carey Tanner ,  Matthew Wetmore ,  William P. McDaniel

IPC分类号： G06F3/048 ,  G06F17/00 ,  G06F3/00 ,  H04L29/00

CPC分类号： H04L63/102 ,  G06F8/10 ,  H04L41/0893 ,  H04L41/22 ,  H04L41/28 ,  Y10S707/99943

摘要： A user interface is disclosed for representing group policy object topology and relationships, while allowing interaction to facilitate group policy management. Forests, sites and domains are hierarchically displayed in a treeview that reflects the network topology. The treeview also represents group policy objects, links, filters and other nodes. Administrators perform operations across forests, domains and sites, and perform operations on other nodes in the treeview. Administrators control which forests, sites and domains are viewable in the treeview, and the treeview state is persisted. Logic automatically reduces the topology's complexity by limiting the presentation of forests and/or domains to only those with which the administrator's forest and domain have a proper trust relationship. Also provided is a tabbed view in a result pane area that provides a rich display of complex data, and intelligent refresh logic to update changes in one user interface area to other user interface areas.

摘要翻译： 公开了用于表示组策略对象拓扑和关系的用户界面，同时允许交互来促进组策略管理。 森林，站点和域分层显示在反映网络拓扑的树视图中。 treeview还表示组策略对象，链接，过滤器和其他节点。 管理员可以跨林，域和站点执行操作，并对树视图中的其他节点执行操作。 管理员控制哪些林，站点和域在树视图中可见，并且树状态保持不变。 逻辑自动通过将森林和/或域的表示限制为管理员的林和域具有适当信任关系的呈现来自动降低拓扑的复杂性。 还提供了结果窗格区域中的标签视图，提供丰富的复杂数据显示，以及智能刷新逻辑，用于将一个用户界面区域中的更改更新到其他用户界面区域。

公开(公告)号：US20110126027A1

公开(公告)日：2011-05-26

申请号：US13015018

申请日：2011-01-27

申请人： Colin H. Brace ,  Nathan D. Muggli ,  William B. Lees ,  William J. Whalen

发明人： Colin H. Brace ,  Nathan D. Muggli ,  William B. Lees ,  William J. Whalen

IPC分类号： G06F21/24

CPC分类号： G06F21/6209 ,  H04L9/0827

摘要： Accessing a data set with secret and non-secret data. A method includes accessing a data set image. The data set image comprises secret data. The data set image is derived from an authorized data set associated with a master key that authorizes access to the secret data. The master key is not provided with the data set image. The method further comprises restoring the data set image to a computing system to create a degraded data set. Data in the degraded data set other than the secret data is accessed without restoring the master key.

摘要翻译： 访问具有秘密和非秘密数据的数据集。 一种方法包括访问数据集图像。 数据集图像包括秘密数据。 数据集图像从授权访问秘密数据的主密钥相关联的授权数据集导出。 主密钥没有提供数据集图像。 该方法还包括将数据集映像恢复到计算系统以创建劣化数据集。 在不恢复主密钥的情况下访问除秘密数据之外的劣化数据集中的数据。

公开(公告)号：US20110060995A1

公开(公告)日：2011-03-10

申请号：US12850853

申请日：2010-08-05

申请人： William J. Whalen ,  Carey Tanner ,  Matthew Wetmore

发明人： William J. Whalen ,  Carey Tanner ,  Matthew Wetmore

IPC分类号： G06F21/00 ,  G06F3/01 ,  G06F15/16

CPC分类号： H04L41/22 ,  H04L41/0893

摘要： Provided are support mechanisms for a user interface mechanism that performs group policy management. The support mechanisms include a context menu map that provides a consistent and efficient way to generate interactive context menus for nodes using only straightforward declarations. The declarations are processed to invoke code with corresponding parameters that in turn generates a data structure corresponding to a context menu that is to be displayed. The data structure is processed into another data structure, from which data is extracted to meet the requirements of a hosting management application. An intermediary communications object is provided to separate the user interface into multiple components which each exchange data. A progress dialog is also provided to update the user as to the progress of lengthy operations performed on various managed objects, and to drive those operations. Refresh logic replicates changes made at one location in the user interface to other nodes.

摘要翻译： 提供用于执行组策略管理的用户界面机制的支持机制。 支持机制包括上下文菜单图，其提供了一致且有效的方式，以便仅使用简单的声明为节点生成交互式上下文菜单。 处理声明以调用具有相应参数的代码，该参数又产生与要显示的上下文菜单相对应的数据结构。 数据结构被处理成另一个数据结构，从中提取数据以满足托管管理应用的要求。 提供中间通信对象以将用户界面分成多个组件，每个组件各自交换数据。 还提供进度对话框以更新用户关于在各种被管理对象上执行的冗长操作的进展，并且驱动这些操作。 刷新逻辑将在用户界面中的一个位置所做的更改复制到其他节点。

公开(公告)号：US07921304B2

公开(公告)日：2011-04-05

申请号：US11294977

申请日：2005-12-06

申请人： Colin H. Brace ,  Nathan D. Muggli ,  William B. Lees ,  William J. Whalen

发明人： Colin H. Brace ,  Nathan D. Muggli ,  William B. Lees ,  William J. Whalen

IPC分类号： G06F21/24

CPC分类号： G06F21/6209 ,  H04L9/0827

摘要： Accessing a data set with secret and non-secret data. A method includes accessing a data set image. The data set image comprises secret data. The data set image is derived from an authorized data set associated with a master key that authorizes access to the secret data. The master key is not provided with the data set image. The method further comprises restoring the data set image to a computing system to create a degraded data set. Data in the degraded data set other than the secret data is accessed without restoring the master key.

摘要翻译： 访问具有秘密和非秘密数据的数据集。 一种方法包括访问数据集图像。 数据集图像包括秘密数据。 数据集图像从授权访问秘密数据的主密钥相关联的授权数据集导出。 主密钥没有提供数据集图像。 该方法还包括将数据集映像恢复到计算系统以创建劣化数据集。 在不恢复主密钥的情况下访问除秘密数据之外的劣化数据集中的数据。