Chat now with support
Chat with Support

Safeguard for Sudo 7.1 - Administration Guide

Introducing Safeguard for Sudo Planning Deployment Installation and Configuration Upgrade Safeguard for Sudo System Administration Managing Security Policy Administering Log and Keystroke Files Troubleshooting Safeguard Variables Safeguard programs Installation Packages Unsupported Sudo Options Safeguard for Sudo Policy Evaluation

Checking the Sudo Plugin configuration status

To check the Sudo Plugin configuration status

  1. From the command line, enter:
    # pmplugininfo

    This command returns output similar to this:

    # pmplugininfo 
       - Joined to a policy group          : YES 
       - Name of policy group              : MyPolicyGroup 
       - Hostname of primary policy server : myhost.example.com

    If the Sudo Plugin has been properly configured, it will say Joined to a Policy Group: YES and give the policy group name and primary policy server’s hostname.

Related Topics

pmplugininfo

Installing licenses

To install a license file

  1. Copy the .dlv license file to the policy server.
  2. To install the license, run:
    # /opt/quest/sbin/pmlicense –l <license_file>

    This command displays your currently installed license and the details of the new license to be installed.

  3. When it asks, "Would you like to install the new license (Y/N) [Y]?", press Enter, or type: Y
  4. If there are other policy servers configured in your policy server group, it forwards the license configuration to the other servers.
Related Topics

pmlicense

 

Displaying license usage

Use the pmlicense command to display how many client licenses are installed on the policy server on which you run the command.

Use pmlicense without any arguments to show an overall status summary, including the number of licenses configured and the total licenses in use for each license option.

To display current license status information

  1. At the command line, enter:

    # pmlicense

    Safeguard displays the current license information, noting the status of the license. Your output will be similar to the following:

    *** One Identity Safeguard *** 
    *** QPM4U VERSION 7.1.0 (0xx) *** 
    *** CHECKING LICENSE ON HOSTNAME:user123.example.com, IP ADDRESS:10.10.178.123 *** 
    *** SUMMARY OF ALL LICENSES CURRENTLY INSTALLED *** 
       * License Type PERMANENT 
       * Commercial/Freeware License COMMERCIAL 
       * Expiration Date NEVER 
       * Max QPM4U Client Licenses 0 
       * Max Sudo Policy Plugin Licenses 10 
       * Max Sudo Keystroke Plugin Licenses 0 
       * Authorization Policy Type permitted ALL 
       * Total QPM4U Client Licenses In Use 0 
       * Total Sudo Policy Plugins Licenses In Use 4 
       * Total Sudo Keystroke Plugins Licenses In Use 0

The above example shows that the current license allows for ten Sudo Policy Plugins (Sudo Plugin licenses) and four licenses are currently in use.

Use pmlicense with the –us option to view a summary usage report; use -uf to view the full usage report.

To show a full usage report including last use dates

  1. At the command line, enter:

    # pmlicense -uf

    Your output will be similar to the following:

    Detailed Licensed Hosts Report 
    ------------------------------------------------------------------------- 
    Number | Last Access Time                           | Hostname 
    ------------------------------------------------------------------------- 
           | QPM4U | SudoPolicy         | SudoKeystroke | 
    ------------------------------------------------------------------------- 
    1      |       |  2012/07/01 17:14  |               | admin1.example.com 
    2      |       |  2012/07/01 17:14  |               | user101.example.com 
    3      |       |  2012/07/01 16:28  |               | user123.example.com 
    4      |       |  2012/07/01 17:14  |               | dev023.example.com

The above output shows the full report, including the host names and dates the Sudo Plugins used the policy server.

The pmlicense command supports many other command-line options.

Related Topics

pmlicense

Listing policy file revisions

After you have made several revisions to your policy file under source control, you can view the list of policy file versions stored in the repository.

To display all previous version numbers with timestamps and commit logs

  1. From the command line, enter:
    # pmpolicy log

    This command returns output similar to this:

    ** Validate options          [ OK ] 
    ** Check out working copy    [ OK ] 
    ** Retrieve revision details [ OK ] 
    version="3",user="pmpolicy",date=2011-05-11,time=19:27:01,msg="" 
    version="2",user="pmpolicy",date=2011-05-11,time=19:19:47,msg="added tuser" 
    version="1",user="pmpolicy",date=2011-05-11,time=15:56:12,msg="First import"
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating