Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11190403. Although the claims at issue are not identical, they are not patentably distinct from each other.

Instant Application
U.S. Patent No. 11,190403
1. A non-transitory computer-readable medium embodying program code executable in a computing device that, when executed by the computing device,                                                   
causes the computing device at least:

identify a combination of a user and a device that is enrolled as a managed device with a remotely executed management service;


identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service;

identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device;

identify ones of the group policy rules that have at least one an analog from the UEM rules;






build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and

identify inconsistencies between the group policy rules and the UEM rules.

2. The non-transitory computer-readable medium of claim 1, wherein the program code identifies inconsistencies by determining that a UEM rule and a compliance rule specify a conflicting setting for a feature of the device.

3. The non-transitory computer-readable medium of claim 1, wherein the UEM rules are enforced by a management component installed on the client device, and the management component comprises an application installed on the client device with elevated privileges and registered as a local device administrator with an operating system of the client device.

4. The non-transitory computer-readable medium of claim 1, wherein the group policy rules are defined in a directory service associated with the user or the device, and the group policy rules specify settings within an operating system of the client device.

5. The non-transitory computer-readable medium of claim 1, wherein the program code identifies ones of the group policy rules that have at least one analog from the compliance rules by inconsistencies by determining that the at least one analog from the compliance rules affects the same operating system setting as one of the group policy rules.

6. The non-transitory computer-readable medium of claim 1, further comprising program code that, when executed by the computing device, causes the computing device to generate a plurality of policy bindings that link together the UEM rules and the group policy rules.

7. The non-transitory computer-readable medium of claim 1, wherein program code identifies inconsistencies between the group policy rules and the UEM rules by identifying that at least one of a group policy rule or a UEM rule specifies a conflicting value for an operating system setting on the client device.


8. A system comprising: at least one computing device comprising a processor; and program instructions executable in the computing device that, when executed by the computing device, cause the client device to:

identify a combination of a user and a device that is enrolled as a managed device with a remotely executed management service;

identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service;

identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device;

identify ones of the group policy rules that have at least one an analog from the UEM rules;







build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and

identify inconsistencies between the group policy rules and the UEM rules.

9. The system of claim 8, wherein the program code identifies inconsistencies by determining that a UEM rule and a compliance rule specify a conflicting setting for a feature of the device.

10. The system of claim 8, wherein the group policy rules are defined in a directory service associated with the user or the device, and the group policy rules specify settings within an operating system of the client device.

11. The system of claim 8, wherein the UEM rules are enforced by a management component installed on the client device, and the management component comprises an application installed on the client device with elevated privileges and registered as a local device administrator with an operating system of the client device.

12. The system of claim 8, wherein the program code identifies ones of the group policy rules that have at least one analog from the compliance rules by inconsistencies by determining that the at least one analog from the compliance rules affects the same operating system as one of the group policy rules.

13. The system of claim 8, further comprising program code that, when executed by the computing device, causes the computing device to generate a plurality of policy bindings that link together the UEM rules and the group policy rules.


14. The system of claim 8, wherein program code identifies inconsistencies between the group policy rules and the UEM rules by identifying that at least one of a group policy rule or a UEM rule specifies a conflicting value for an operating system setting on the client device.

15. A method comprising:

identifying a combination of a user and a device that is enrolled as a managed device with a remotely executed management service;

identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service;

identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device;

identify ones of the group policy rules that have at least one an analog from the UEM rules;








build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and

identify inconsistencies between the group policy rules and the UEM rules.

16. The computer-implemented method of claim 15, further comprising identifying inconsistencies by determining that a UEM rule and a compliance rule specify a conflicting setting for a feature of the device.

17. The computer-implemented method of claim 15, wherein the group policy rules are defined in a directory service associated with the user or the device, and the group policy rules specify settings within an operating system of the client device.





18. The computer-implemented method of claim 15, wherein the UEM rules are enforced by a management component installed on the client device, and the management component comprises an application installed on the client device with elevated privileges and registered as a local device administrator with an operating system of the client device.

19. The computer-implemented method of claim 15, wherein the program code identifies ones of the group policy rules that have at least one analog from the compliance rules by inconsistencies by determining that the at least one analog from the compliance rules affects the same operating system as one of the group policy rules.

20. The computer-implemented method of claim 15, wherein program code identifies inconsistencies between the group policy rules and the UEM rules by identifying that at least one of a group policy rule or a UEM rule specifies a conflicting value for an operating system setting on the client device.
1. A non-transitory computer-readable medium embodying program code executable in a computing device that, when executed by the computing device, causes the computing device at least: 
identify a combination of a user and a device that is enrolled as a managed device with a remotely executed management service; 
identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service; 
identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device; 
identify ones of the group policy rules that have at least one an analog from the UEM rules based upon at least one reference policy binding, the at least one reference policy binding comprising a combination of at least one of: a mapping data structure, at least one rule, or a functionality that specifies how each group policy maps to the a respective UEM rule; build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and
 identify inconsistencies between the group policy rules and the UEM rules.
2. The non-transitory computer-readable medium of claim 1, wherein the program code identifies inconsistencies by determining that a UEM rule and a compliance rule specify a conflicting setting for a feature of the device.
3. The non-transitory computer-readable medium of claim 1, wherein the UEM rules are enforced by a management component installed on the client device, and the management component comprises an application installed on the client device with elevated privileges and registered as a local device administrator with an operating system of the client device.
4. The non-transitory computer-readable medium of claim 1, wherein the group policy rules are defined in a directory service associated with the user or the device, and the group policy rules specify settings within an operating system of the client device.
5. The non-transitory computer-readable medium of claim 1, wherein the program code identifies ones of the group policy rules that have at least one analog from the compliance rules by inconsistencies by determining that the at least one analog from the compliance rules affects the same operating system setting as one of the group policy rules.
6. The non-transitory computer-readable medium of claim 1, further comprising program code that, when executed by the computing device, causes the computing device to generate a plurality of policy bindings that link together the UEM rules and the group policy rules.
7. The non-transitory computer-readable medium of claim 1, wherein program code identifies inconsistencies between the group policy rules and the UEM rules by identifying that at least one of a group policy rule or a UEM rule specifies a conflicting value for an operating system setting on the client device.
8. A system comprising: at least one computing device comprising a processor; and program instructions executable in the computing device that, when executed by the computing device, cause the client device to:
 identify a combination of a user and a device that is enrolled as a managed device with a remotely executed management service; 
identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service; 
identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device;                                           
identify ones of the group policy rules that have at least one an analog from the UEM rules based upon at least one reference policy binding, the at least one reference policy binding comprising a combination of at least one of: a mapping data structure, at least one rule, or a functionality that specifies how each group policy maps to the a respective UEM rule; 
build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and 
identify inconsistencies between the group policy rules and the UEM rules.
9. The system of claim 8, wherein the program code identifies inconsistencies by determining that a UEM rule and a compliance rule specify a conflicting setting for a feature of the device.
10. The system of claim 8, wherein the group policy rules are defined in a directory service associated with the user or the device, and the group policy rules specify settings within an operating system of the client device.
11. The system of claim 8, wherein the UEM rules are enforced by a management component installed on the client device, and the management component comprises an application installed on the client device with elevated privileges and registered as a local device administrator with an operating system of the client device.
12. The system of claim 8, wherein the program code identifies ones of the group policy rules that have at least one analog from the compliance rules by inconsistencies by determining that the at least one analog from the compliance rules affects the same operating system as one of the group policy rules.
13. The system of claim 8, further comprising program code that, when executed by the computing device, causes the computing device to generate a plurality of policy bindings that link together the UEM rules and the group policy rules.
14. The system of claim 8, wherein program code identifies inconsistencies between the group policy rules and the UEM rules by identifying that at least one of a group policy rule or a UEM rule specifies a conflicting value for an operating system setting on the client device.
15. A method comprising: 
identifying a combination of a user and a device that is enrolled as a managed device with a remotely executed management service; 
identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service; 
identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device; 
identify ones of the group policy rules that have at least one an analog from the UEM rules based upon at least one reference policy binding, the at least one reference policy binding comprising a combination of at least one of: a mapping data structure, at least one rule, or a functionality that specifies how each group policy maps to the a respective UEM rule; 
build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and 
identify inconsistencies between the group policy rules and the UEM rules.
16. The computer-implemented method of claim 15, further comprising identifying inconsistencies by determining that a UEM rule and a compliance rule specify a conflicting setting for a feature of the device.
17. The computer-implemented method of claim 15, wherein the group policy rules are defined in a directory service associated with the user or the device, and the group policy rules specify settings within an operating system of the client device.


18. The computer-implemented method of claim 15, wherein the UEM rules are enforced by a management component installed on the client device, and the management component comprises an application installed on the client device with elevated privileges and registered as a local device administrator with an operating system of the client device.
19. The computer-implemented method of claim 15, wherein the program code identifies ones of the group policy rules that have at least one analog from the compliance rules by inconsistencies by determining that the at least one analog from the compliance rules affects the same operating system as one of the group policy rules.
20. The computer-implemented method of claim 15, wherein program code identifies inconsistencies between the group policy rules and the UEM rules by identifying that at least one of a group policy rule or a UEM rule specifies a conflicting value for an operating system setting on the client device



Allowable Subject Matter
The following is a statement of reasons for the indication of allowable subject matter:  A relevant prior art, Kruse et al. (US 10,986,131) specifies changes to permission associated with an access policy related to a group of user or a group policies and give warning whether the permissions should be permitted.  It resolves conflicts between effective permission associated with the individual and the group policy to which the individual belongs and selects a default policy resolution to resolve the conflict.  This is in contrast to the claimed limitations which determine an analog between the group and the UEM policies which relate to the functionality of the device.  A thorough review of the prior art fails to disclose or render obvious,
“identify a plurality of group policy rules defined for the user and the device, the group policy rules defined in a directory service; identify a plurality of unified endpoint management (UEM) rules defined by the remotely executed management service for the user and the device; identify ones of the group policy rules that have at least one an analog from the UEM rules; build a configuration state view of the user and the device, the configuration state view identifying group policy rules and UEM rules that affect the same functionality of the device; and identify inconsistencies between the group policy rules and the UEM rules.”

Conclusion
The prior art made of record and not relied upon is considered pertinent toapplicant's disclosure.  See PTO-892 form.
Any inquiry concerning this communication or earlier communications from theexaminer should be directed to Chirag R Patel whose telephone number is (571)272-7966. The examiner can normally be reached on Monday to Friday from 8:00AM to 4:30PM. If attempts to reach the examiner by telephone are unsuccessful, theexaminer's supervisor, Glenton Burgess, can be reached on 571-272-3949. The fax phone number for the organization where this application or proceedingis assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status informationfor published applications may be obtained from either Private PAIR or PublicPAIR. Status information for unpublished applications is available throughPrivate PAIR only. For more information about the PAIR system, seehttp://pairdirect.uspto.gov. Should you have questions on access to the PrivatePAIR system, contact the Electronic Business Center (EBC) at 866-217-9197(toll free). 

/Chirag R Patel/
Primary Examiner, Art Unit 2454