NetIQ Group Policy Administrator

NetIQ Group Policy Administrator provides an offline environment to help you securely manage Group Policy Objects. This allows you to plan, troubleshoot, and report on Group Policy administration activity without impacting the performance and availability of your live Active Directory environment. It also helps you reduce risk; prevent service interruptions; and
achieve, maintain, and demonstrate regulatory compliance.

Features

• Detailed role and privilege delegation without granting Active Directory permissions
• Total offline GPO lifecycle change management
• Offline environment mirrors production for consistent accuracy
• GPO version control with check-out, check-in
• One-button rollback capability
• WMI filter and GPO Link Order editing
• Centralized GPO control and synchronization from domain to domain and across forests, including disconnected forests
• Synchronized GPO changes ensure consistent master GPOs across domains
• GPO Merge Facility eliminates redundant and incomplete GPO ‘clutter’
• Live and offline Resultant Set of Policy (RSoP) analysis
• Point-in-time analysis reports show changes with who/what/when detail

Key Differentiators

Group Policy Administrator provides the following differentiated capabilities to securely and efficiently manage Group Policy:

• Granular delegation of least privilege separates duties among stakeholders. Delegation of pre-defined roles and detailed custom role and privilege definitions safeguard organizations by separating lifecycle duties across administrative and managerial personnel.
• Complete offline group policy lifecycle management and analysis. Import, create, edit, test, link, analyze, report on, and approve production-ready GPOs. After all stakeholders model and approve the impact of GPO changes, changes are ready to be published into the production environment.
• Cross-domain/cross-forest group policy management and reporting. Manage all domains and forests within an environment from one centralized repository, regardless of trust relationships.  GPOs can be easily synchronized across domains and forests and deviations identified.
• Compare and merge GPOs to maintain a clean and consistent GPO repository. The GPA Merge Facility allows admins to compare GPOs, combine and remove settings, and consolidate and  eliminate incomplete and unnecessary GPOs.
• Integrated Group Policy Change Monitoring. Group Policy Administrator and Change Guardian for Group Policy can be seamlessly integrated to identify unauthorized changes by evaluating the source of the change.