Chat now with support
Chat mit Support

Safeguard Authentication Services 5.1.3 - Administration Guide

Privileged Access Suite for UNIX Introducing One Identity Safeguard Authentication Services UNIX administration and configuration Identity management Migrating from NIS Managing access control Managing local file permissions Certificate Autoenrollment Integrating with other applications Managing UNIX hosts with Group Policy
Safeguard Authentication Services Group Policy
Group Policy Concepts UNIX policies One Identity policies
Display specifiers Troubleshooting Glossary

Files to Process List file

The Files to Process List file contains a list of files and directories for which you want to change the ownership. It is produced by X? and is passed to oat_changeowners.

Syntax
<file_list> ::= { < file_list_entry > <CRLF> }
<file_list_entry> ::= <full_file_name> | <full_directory_name>
<full_file_name> ::= '/' { <character> }
<full_directory_name> ::= '/' { <character> }
Sample
/home/alex
/home/mike
/etc
/opt/quest/bin/vastool

Files to Exclude List file

The Files to Exclude List file contains a list of files and directories for which you do not want to change the ownership. It is produced by X? and is passed to oat_changeowners.

Syntax
<file_list> ::= { < file_list_entry > <CRLF> }
<file_list_entry> ::= <full_file_name> |
<full_directory_name> |
<regular_expression>
<full_file_name> ::= '/' { <character> }
<full_directory_name> ::= '/' { <character> }
<regular_expression> ::= 'regexp:' { <character> }
Sample
/home/alex
/home/mike
/etc
/opt/quest/bin/vastool

Processed Files List file

The Processed Files List file contains a list of files and directories for which the ownership was changed. It is produced by oat_changeowners. Backup files are saved in /var/opt/quest/oatwork.

Syntax
<file_list> ::= { <full_file_name> '(' <original_permissions> ')' <CRLF> }
<full_file_name> ::= <character> { <character> }
<original_permissions> ::= <character> { <character> }
Sample
/home/alex/work/ownertool/src/changer/test(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner/copy_root:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner/ln_masha:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner/copy_masha:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/root:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/dup_inner(0,0,l)
/home/alex/work/ownertool/src/changer/test/dup_inner/copy_root:spartak(0,0,l)

Certificate Autoenrollment

Certificate Autoenrollment is a feature of Safeguard Authentication Services based on Microsoft Open Specifications. Certificate Autoenrollment allows macOS, UNIX, and Linux clients to take advantage of existing Microsoft infrastructure to automatically enroll for and install certificates. Certificate policy controls which certificates are enrolled and what properties those certificates will have.

With Certificate Autoenrollment, a public/private key pair is automatically generated according to certificate template parameters defined in Group Policy. The public key is sent to the Certification Authority (CA), and the CA responds with a new certificate corresponding to the public key, which is installed along with the private key into the appropriate system or user keychain on the Mac, UNIX, or Linux client.

You can use Group Policy to automatically configure which certificate enrollment policy servers to use for Certificate Autoenrollment and to periodically run Certificate Autoenrollment.

By following the instructions presented in this section, a system administrator will be able to configure new or existing systems to download certificate enrollment policy from a certificate enrollment policy server. Additionally, the systems will automatically enroll and renew certificates based on the certificate enrollment policy.

Certificate Autoenrollment is an optional package distributed with One Identity Safeguard Authentication Services. For instructions on installing this package, see the One Identity Safeguard Authentication Services Installation Guide.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen