You use the pmsrvconfig -s <primary_policy_server> command to configure a secondary server. See pmsrvconfig for more information about the pmsrvconfig command options.
To configure the secondary server
# pmsrvconfig –s <primary_policy_server>
where <primary_policy_server> is the hostname of your primary policy server.
pmsrvconfig prompts you for the "Join" password from the primary policy server, exchanges ssh keys for the pmpolicy service user, and updates the new secondary policy server with a copy of the master (production) policy.
Once you have installed and configured a secondary server, you are ready to join the Sudo Plugin to it. See Join hosts to policy group for details.
Safeguard generates log files containing event timestamps based on the local clock of the authorizing policy server.
To synchronize all policy servers in the policy group, use Network Time Protocol (NTP) or a similar method of your choice.
Once you have installed and configured the primary policy server, you are ready to install a Sudo Plugin on a remote host.
To check a Sudo Plugin host for installation readiness
# sh pmpreflight.sh –-sudo –-policyserver <myhost>
where <myhost> is the hostname of the primary policy server.
Running pmpreflight.sh –-sudo performs these tests:
© ALL RIGHTS RESERVED. Nutzungsbedingungen Datenschutz Cookie-Einstellungen ändern