Tchater maintenant avec le support
Tchattez avec un ingénieur du support

One Identity Management Console for Unix 2.5.2 - Administration Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Management Console for Unix Installing Management Console for Unix Preparing Unix hosts Working with host systems Managing local groups Managing local users Active Directory integration Authentication Services integration Privilege Manager integration Reporting Setting preferences Security Troubleshooting tips
Auto profiling issues Active Directory Issues Auditing and compliance Cannot create a service connection point Check Authentication Services agent status commands not available CSV or PDF reports do not open Database port number is already in use Elevation is not working Hosts do not display Import file lists fakepath Information does not display in the console License information in report is not accurate Out of memory error Post install configuration fails on Unix or Mac Privilege Manager feature issues Profile task never completes questusr account was deleted Readiness check failed Recovering from a failed upgrade Reports are slow Reset the supervisor password Running on a Windows 2008 R2 domain controller Service account login fails Setting custom configuration settings Single Sign-on (SSO) issues JVM memory tuning suggestions Start/stop/restart Management Console for Unix service Toolbar buttons are not enabled UID or GID conflicts
System maintenance Command line utilities Web services Database maintenance

Adding users to a local group

Add local or Active Directory users to a local group from a local group's properties.

To add users to a local group

  1. From the Groups tab on the host's properties, right-click a group name and choose Properties.

    You can also double-click the group name to open its properties.

  2. Select the Members tab, open the Add menu and choose Local user.

    Note: The AD user option is only available when you are logged in as an Active Directory user for a host that is joined to Active Directory. See Adding AD user to a local group for details.

  3. On the Select Local User dialog, search for and select a local user from the list and click OK.

    Note: To find a particular user you can filter the list of users. Enter one or more characters in the Search for users box. The mangement console automatically displays the users whose name contains the characters you enter. To redisplay the original list, click the button on the Search for users box.

    You can also select one of the following options from the user type drop-down menu:

    • All users
    • All non-system users
    • System users
    • Users requiring AD logon (requires Authentication Services 4.x)
    • Users not requiring AD logon (requires Authentication Services 4.x)
  4. Click OK on the Members tab to save your selections.

    The mangement console adds the users with an icon to the list on the Members tab.

  5. On the Log on to Host dialog, enter the user credentials and click OK.

    Note: This task requires elevated credentials.

Removing user from local group

Remove local or Active Directory users from a group from the Groups tab of a host's properties.

To remove a user from a local group

  1. Right-click a group name and choose Properties.

    You can also double-click a group from the list to open its properties.

  2. From the Members tab, select one or more users and click Remove User.

    The mangement console adds a icon to the user names to indicate they are ready to remove from the list.

  3. Click OK on the Members tab to save your selections.
  4. On the Log on to Host dialog, enter the user credentials and click OK.

    Note: This task requires elevated credentials.

Deleting local group

Any users belonging to a deleted group will no longer have access to the resources previously owned by that group.

To delete a local group

  1. From the Groups tab, select one or more groups to delete and click Delete Group.

  2. Confirm that you want to delete the selected groups.

  3. On the Log on to Host dialog, enter the user credentials and click OK.

    Note: This task requires elevated credentials.

    The Groups view is automatically refreshed and no longer lists the deleted groups.

Reviewing the Local Unix Groups report

The Local Unix Groups report lists all the groups on a host and the group's membership.

Note: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role.

To create the Local Unix Groups report

  1. From the mangement console, navigate to Reporting.
  2. From the Reports view, double-click the Local Unix Groups report name.

    The report opens a new Local Unix Groups tab on the Reporting view.

  3. To locate a specific group, use a combination of the following report parameters:
    • Group Name contains
    • GID Number is
    • Member contains
    • Include all group members in report (Always included when exporting to CSV)

    Note: The Member contains field accepts multiple entries separated by a comma. Spaces are taken literally in the search. For example, entering:

    • adm, user searches for members whose name contains 'adm' or ' user'
    • adm,user searches for members whose name contains 'adm' or 'user'.

    Note: When you specify multiple report parameters (for example, Group Name contains, GID Number is, and Member contains), it uses the AND expression; therefore, ALL of the selected parameters must be met in order to locate a group.

    If you do not specify a group, it includes all local groups on each profiled host in the report. In addition, it includes all of the group members in the report by default, but you can clear the Include all group members in report option.

  4. Open the Export drop-down menu and select the format you want to use for the report: PDF or CSV.

    It launches a new browser or application page and displays the report in the selected format.

Note: When generating multiple reports simultaneously or generating a single report that contains a large amount of data, One Identity recommends that you increase the JVM memory. See JVM memory tuning suggestions for details.

Documents connexes