Hosted Group Policy Objects (GPOs)

Written by Brandon White on October 22, 2020

Share This Article

Group Policy Objects (GPOs) have been the backbone of a system administrator’s life for as long as many IT admins can remember. Group Policy provides centralized management and configuration of operating systems, applications, and settings in a Microsoft® Active Directory® enterprise environment. Group Policy Objects in Microsoft Windows® Server have been leveraged by IT organizations worldwide to do things like set screen saver lock timings, automatically mount the company network drives, enforce password policies, restrict access to specific folders, and much more. Devices check in to the Active Directory server every few minutes to ensure they’re up to date with all the company’s IT policies. The ultimate goal of Group Policy Objects is to reduce the overall cost of supporting users in an enterprise environment. By controlling devices in bulk, IT admins can simplify the work it takes to manage a company’s fleet of machines.

The Downfall of Traditional GPOs

Group Policy Objects are a fantastic technology for Windows-only environments, but those don’t suffice in many places anymore. Today, most organizations are a mixture of Windows, Mac®, Linux®, iPhone®, Android®, and even ChromeOS® thanks to “bring your own device” strategies, remote work, and the growth of macOS® popularity in the enterprise. If you count digital signage tools like Apple TV® and Chromecast®, there are even more operating systems that IT departments must account for when designing management systems for an organization. Combine a multi-OS lifestyle with the growing trend of remote work, and a new breed of new system management tools is required to keep end-users secure and in compliance with organizational policies. The legacy management tools that most organizations have relied on for years are not scalable to most IT organizations’ needs in today’s complex environments.

A key component of Microsoft’s Active Directory is managing devices along with users. Microsoft has built many templates that IT departments can implement for management efficiency, as well the ability to write custom Group Policy scripts. When developing Group Policy Objects and Active Directory, Microsoft believed that a core part of identity access and management in the enterprise was managing the actual devices.

Leveraging GPOs from the Cloud

Cross-platform tools of this nature are challenging to create as each operating system has its unique management technology and unique security concerns. A new generation of tools has been designed to give GPO-like functionality in cloud-based management solutions. At JumpCloud®, we agree that Group Policy objects are an excellent tool for IT departments to manage a fleet of devices. Because of that, we’ve built a suite of tools that enable GPO-like functionality, but with support for more platforms than just Windows. We’ve built our tools to run from the cloud so employees can remain in compliance, and IT departments can be confident that policies are being pushed out regardless of the users’ location. 

JumpCloud’s device management tools allow an IT organization to execute commands, scripts, or policies to configure computers; however the organization wants. IT admins can set a task through a script and then schedule it to occur at a specific time, run it ad-hoc on-demand, or have it triggered with a webhook via an API. These tools create a GPO-like environment, but they work with more types of devices. 

If you want to control screen lockout across Mac and Windows, you’d typically need two separate management systems. With JumpCloud, a single management system can enable IT departments to manage multiple devices from a single interface/management system. The JumpCloud Directory Platform builds hosted GPO-like functions into its device management capabilities so IT organizations can enjoy cloud-based management across an ever-growing lineup of operating systems.

Try JumpCloud Free

Take control of your laptops, desktops, and servers through JumpCloud’s device management tools with GPO-like functions. Try it free with your first 10 users and 10 systems. Get started today!

Brandon White

Brandon is an enthusiast, solutionist, and JumpCloud’s Technical Evangelist, active in journalism and IT in cities across the US for over 25 years. Pick his brain on Slack in the JumpCloud Lounge: http://ow.ly/seTs30qO7WX

Continue Learning with our Newsletter