Chat now with support
Tchattez avec un ingénieur du support

One Identity Management Console for Unix 2.5.2 - Administration Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Management Console for Unix Installing Management Console for Unix Preparing Unix hosts Working with host systems Managing local groups Managing local users Active Directory integration Authentication Services integration Privilege Manager integration
Getting started Configure a primary policy server Configure a secondary policy server Install PM agent or Sudo plugin on a remote host Security policy management
Opening a policy file Edit panel commands Editing PM policy files Reviewing the Access and Privileges by User report Reviewing the Access and Privileges by Host report
Event logs and keystroke logging
Reporting Setting preferences
User preferences System preferences
Security Troubleshooting tips
Auto profiling issues Active Directory Issues Auditing and compliance Cannot create a service connection point Check Authentication Services agent status commands not available CSV or PDF reports do not open Database port number is already in use Elevation is not working Hosts do not display Import file lists fakepath Information does not display in the console License information in report is not accurate Out of memory error Post install configuration fails on Unix or Mac Privilege Manager feature issues Profile task never completes questusr account was deleted Readiness check failed Recovering from a failed upgrade Reports are slow Reset the supervisor password Running on a Windows 2008 R2 domain controller Service account login fails Setting custom configuration settings Single Sign-on (SSO) issues JVM memory tuning suggestions Start/stop/restart Management Console for Unix service Toolbar buttons are not enabled UID or GID conflicts
System maintenance Command line utilities Web services Database maintenance About us

User Properties General Tab

Use the General tab to review or modify the general properties for the user.

Table 34: User Properties: General tab
Option Description
Name The name of the user account.
UID

The user identifier.

NOTE: One Identity does not recommend changing the UID as this could cause problems.

Primary group name Displays the primary group to which the selected user is a member.

To modify this setting, click the Select Group button to display a list of available group names. To find a particular group or filter this list, enter one or more characters in the Search for groups box.

GID

The group identifier assigned to the selected user’s primary group.

NOTE: This is read-only field.

Comments (GECOS) The user’s description.
Home Directory The file system directory for the selected user’s personal data and files.
Login shell

Displays the login shell where the selected user logs into the Unix system.

To modify this setting, click the Select Shell button to display a list of available login shells. To find a particular login shell or filter this list, enter one or more characters in the Search for login shell box.

User Properties Member Of tab

Member Of tab

The Member Of tab displays the following information about each supplementary group to which the selected user is a member:

Table 35: User Properties: Member Of tab
Option Description

The first column contains a selection check box allowing you to select or deselect a group. When you select a group, the Remove Groups toolbar button and right-click commands enable.

To select a group, click a group entry or the selection check box. To select all groups in the list, click the check box in the heading.

To deselect a group, click the selected check box. To deselect all selected groups, clear the check box in the heading.

Status column. These icons next to a group name indicate:

  • The user is already a member of this group
  • The user is ready to add this group.
  • The user is ready to remove this group
Name Displays the name of the local groups defined for the selected user.
GID Displays the unique group identifier assigned to each group.

Use the following toolbar buttons to define the selected user’s group membership or to search for a specific group:

Member Of Tab toolbar
Table 36: Member Of tab: Toolbar
Option Description
Click the Add Groups button to display the Add Groups dialog where you can search for a new group.
Click the Remove Groups button to remove the user from the selected group's membership.
Use the Search for groups box to filter the list of groups displayed based on group names. As you enter characters into the text box, the mangement console lists the groups that match (contain) the criteria entered. Click to remove the filtering and redisplay the original group list.

User Properties AD Logon Tab

Use the AD Logon tab to assign (or "map") the selected user to an Active Directory user account. When enabled, the selected user must use the specified Active Directory credentials to log onto the Unix host, taking advantage of the benefits of Active Directory security and access control.

Note: This feature is only available if

  • you have Authentication Services 4.x installed in Active Directory
  • you are logged into the mangement console as an Active Directory account in the Manage Hosts role
  • you have rights in Active Directory to Unix-enable users.

To enable this feature for the selected user, use these controls:

Table 37: User Properties: AD Logon tab
Option Description
Require an AD password to logon to host Select this option to require the selected user to use the specified Active Directory credentials to log onto the selected host.
Which AD user account do you want to use for access to this host? Click Select to open the Select AD User dialog where you can browse to select an Active Directory user account.
View AD User Properties Click this button to review the user's properties.

Modifying multiple user's properties

Modify multiple local Unix user's properties from either the Users view of a host's properties or the All Local Users tab.

To modify multiple user's properties simultaneously

  1. Select two or more user names and right-click to reveal the context menu.
  2. Choose the Properties option.

    The Properties: Multiple Users dialog displays.

  3. On the General tab, modify:
    1. Comments (GECOS)
    2. Login shell

      Optionally, you can click the Select Shell button to browse for a local login shell.

  4. Click OK to save the changes.
  5. On the Log on to Host dialog, enter the user credentials and click OK.

    Note: This task requires elevated credentials.

Documents connexes