Outsourced GPOs (Group Policy Objects)

Written by Vince Lujan on January 13, 2018

Share This Article

The concept of outsourced GPOs (Group Policy Objects) has been a hot topic for IT admins in recent years. GPOs are one of the key functions of Microsoft Active Directory® (AD) that enable IT admins to manage a fleet of Windows® based systems.

The challenge is that AD GPOs require on-prem hardware and they are exclusive to Windows systems. That is why IT admins are so interested in a next generation identity management solution called Directory-as-a-Service® that can provide outsourced GPO-like functions for cross-platform environments.

Characteristics of Active Directory GPOs

identity management active directory

Active Directory GPOs are effectively prescribed commands and scripts that enable IT admins to set policies on Windows systems. GPOs can be used to configure a wide variety of system behaviors like screen lock timeout, disabling USB ports, and enforcing software updates, for example. Essentially, AD GPOs allow IT admins to govern how Windows systems will operate.

The key benefit with Active Directory’s GPOs is that they enable IT admins to manage a fleet of Windows systems from one central management platform. GPOs can save admins a significant amount of time by automating routine tasks that they would otherwise have to configure granularly per system.

AD GPOs are certainly a powerful tool for managing Windows systems. However, they are limited in their exclusivity to Windows. AD also requires a lot of on-prem IT infrastructure to operate, which can be a significant barrier for cloud-forward IT organizations.

Of course, these limitations were not considered issues when AD was initially released in 1999 because the cloud didn’t exist and most IT networks were strictly Windows environments. Nevertheless, these factors have become deal breakers for many organizations as more IT resources move away from homogeneous on-prem networks in favor of diverse (e.g., Windows, Mac, Linux) cloud or hybrid environments.

The good news is that a next generation cloud identity and access management (IAM) platform has emerged that can provide outsourced GPOs for cross-platform IT environments. It’s called Directory-as-a-Service, from JumpCloud, and it has changed the way IT admins think about group based policy management.

Outsourced GPOs with Directory-as-a-Service

image of outsourced GPO - admn operating windows, linux ,mac devices

Directory-as-a-Service is a next generation cloud IAM platform that was built to support modern IT networks. System management is a core component of the JumpCloud platform, which can offer GPO-like functionality for cross-platform IT environments (e.g., Windows, Mac, Linux).

With Directory-as-a-Service, IT admins can leverage a growing library of JumpCloud Policies that can configure system settings like screen lock timeout, disable USB ports, and many other tasks that are akin to AD GPOs. The key difference is JumpCloud group based policy management can support Windows, Mac, and Linux from a cloud-based platform. This is a much more modern approach compared to AD’s disposition for on-prem, Windows exclusive environments.

The best part is the Directory-as-a-Service platform goes beyond cross-platform GPO-like capabilities to provide a comprehensive set of management tools for virtually any IT resource. Check out any of the following links to better understand some of the various components of the JumpCloud platform.

Directory ServicesUser ManagementMobile Device Management (MDM)
REST API User ManagementGroup ManagementSingle Sign-On
Cloud RADIUS ServerPassword ManagementCloud LDAP Service
Event Logging APIOffice 365 IntegrationMulti-Factor Authentication
AD BridgeSamba File Servers and NAS AuthenticationPolicy Management

Learn More About Outsourced GPOs with Directory-as-a-Service

Get Started and Learn more about JumpCloud

Directory-as-a-Service enables IT admins to manage a comprehensive array of IT resources regardless of platform, provider, protocol, or location. Outsourced GPOs are a core aspect of the JumpCloud platform, which can provide AD GPO-like capabilities for cross-platform IT environments. In doing so, JumpCloud empowers IT admins to manage their fleet of Mac, Windows, and Linux systems without the limitations and challenges of implementing AD on-prem.

Check out our System Policies whiteboard presentation if you are interested in learning more about JumpCloud system policies.

You can also contact the JumpCloud team for more information about outsourced GPOs, or sign up for a Directory-as-a-Service account and see them in action today. Your first ten users are on us. This enables you to discover the full functionality of the JumpCloud platform for as long as you see fit, without any costs or commitments.

Vince Lujan

Vince is a writer and video specialist at JumpCloud. Originally from the horse capital of New Mexico, Corrales, he has lived in Boulder, Colorado for three years. When Vince is not developing content for JumpCloud, he can usually be found at the Boulder Creek.

Continue Learning with our Newsletter