公开(公告)号：US06950818B2

公开(公告)日：2005-09-27

申请号：US10254155

申请日：2002-09-24

申请人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

发明人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F17/30

CPC分类号： H04L63/102 ,  G06F21/10 ,  G06F21/604 ,  G06F21/62 ,  G06Q10/10 ,  H04L63/104 ,  Y10S707/99933 ,  Y10S707/99939 ,  Y10S707/99942 ,  Y10S707/99945 ,  Y10S707/99953

摘要： A method and system for implementing policy by accumulating policies for a policy recipient from policy objects associated with a hierarchically organized structure of containers, such as directory containers (sites, domains and organizational units) that includes the policy recipient. Based on administrator input, policy settings for the policy recipient may be accumulated into a specific order by inheriting policy from higher containers, which may enforce their policy settings over those of lower containers. Policy that is not enforced may be blocked at a container. The result is an accumulated set of group policy objects that are ordered by relative strength to resolve any policy conflicts. Policy may be applied to a policy recipient by calling extensions, such as an extension that layers the policy settings into the registry or an extension that uses policy information from the objects according to the ordering thereof.

摘要翻译： 通过从包含策略接收者的诸如目录容器（站点，域和组织单位）的层次结构的容器相关联的策略对象累积策略收件人的策略来实现策略的方法和系统。 基于管理员输入，策略收件人的策略设置可以通过继承来自较高容器的策略来累积到特定的顺序，这可能会对低级容器的策略设置执行策略设置。 未强制执行的策略可能会在容器中被阻止。 结果是通过相对强度排序的一组累积的组策略对象来解决任何策略冲突。 策略可以通过调用扩展来应用于策略接收者，例如将策略设置分层到注册表中的扩展或者根据其顺序使用来自对象的策略信息的扩展。

公开(公告)号：US06466932B1

公开(公告)日：2002-10-15

申请号：US09268455

申请日：1999-03-16

申请人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

发明人： Michael W. Dennis ,  Michele L. Freed ,  Daniel Plastina ,  Eric R. Flo ,  David E. Kays, Jr. ,  Robert E. Corrington

IPC分类号： G06F1730

CPC分类号： H04L63/102 ,  G06F21/10 ,  G06F21/604 ,  G06F21/62 ,  G06Q10/10 ,  H04L63/104 ,  Y10S707/99933 ,  Y10S707/99939 ,  Y10S707/99942 ,  Y10S707/99945 ,  Y10S707/99953

摘要： A method and system for implementing policy by accumulating policies for a policy recipient from policy objects associated with a hierarchically organized structure of containers, such as directory containers (sites, domains and organizational units) that includes the policy recipient. Based on administrator input, policy settings for the policy recipient may be accumulated into a specific order by inheriting policy from higher containers, which may enforce their policy settings over those of lower containers. Policy that is not enforced may be blocked at a container. The result is an accumulated set of group policy objects that are ordered by relative strength to resolve any policy conflicts. Policy may be applied to a policy recipient by calling extensions, such as an extension that layers the policy settings into the registry or an extension that uses policy information from the objects according to the ordering thereof. Linking of group policy objects to one or more containers (e.g., sites, domains and organizational units) is provided, as is exception management. The effects of group policy may be filtered based on users' or computers' membership in security groups.

摘要翻译： 通过从包含策略接收者的诸如目录容器（站点，域和组织单位）的层次结构的容器相关联的策略对象累积策略收件人的策略来实现策略的方法和系统。 基于管理员输入，策略收件人的策略设置可以通过继承来自较高容器的策略来累积到特定的顺序，这可能会对低级容器的策略设置执行策略设置。 未强制执行的策略可能会在容器中被阻止。 结果是通过相对强度排序的一组累积的组策略对象来解决任何策略冲突。 策略可以通过调用扩展来应用于策略接收者，例如将策略设置分层到注册表中的扩展或者根据其顺序使用来自对象的策略信息的扩展。 提供组策略对象与一个或多个容器（例如，站点，域和组织单元）的链接，异常管理也是如此。 组策略的效果可能会根据用户或计算机在安全组中的成员资格进行过滤。