Planning a policy strategy
Determining which policies to apply and how to apply them can be challenging. In most enterprises, a template and organizational guide already exists in the form of Active Directory and Group Policies. Although it may not be ideal to apply every corresponding policy (and there may not always be corresponding policies between Windows and OS X), your existing policy structures often provide an excellent starting point. It also makes a great deal of sense to leverage your existing groups or organizations units within Active Directory for applying user-based policies.
Determining Mac-based policies may take a bit more thought. Again, you can use your existing PC organizational units or structure as a guide, but you may find it more efficient and effective to create Mac-specific units or groups.
It's also important to note that most tools that apply Mac management support leveraging your Active Directory environment -- even Active Directory itself -- aren't the source of the policies as it is with Windows Group Policies.
In the final piece of this series, I'll look at the various tools used to manage Macs as well as OS and app deployment options. If you'd like additional details on Mac (and iOS) policy options and configuration file structure, check out Apple's Profile Manager documentation.
Related articles
- Essential admins tips: How to blend Macs into your business
- 30 essential OS X command-line tips
- Windows 10 vs. Mac OS X: Which gives sys admins more control?
- A clear-eyed guide to Mac OS X's actual security risks
- Macs in the office: Success breeds security FUD
- The truth about Macs in the enterprise