Chat now with support
Tchattez avec un ingénieur du support

One Identity Management Console for Unix 2.5.2 - Administration Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Management Console for Unix Installing Management Console for Unix Preparing Unix hosts Working with host systems Managing local groups Managing local users Active Directory integration Authentication Services integration Privilege Manager integration
Getting started Configure a primary policy server Configure a secondary policy server Install PM agent or Sudo plugin on a remote host Security policy management
Opening a policy file Edit panel commands Editing PM policy files Reviewing the Access and Privileges by User report Reviewing the Access and Privileges by Host report
Event logs and keystroke logging
Reporting Setting preferences
User preferences System preferences
Security Troubleshooting tips
Auto profiling issues Active Directory Issues Auditing and compliance Cannot create a service connection point Check Authentication Services agent status commands not available CSV or PDF reports do not open Database port number is already in use Elevation is not working Hosts do not display Import file lists fakepath Information does not display in the console License information in report is not accurate Out of memory error Post install configuration fails on Unix or Mac Privilege Manager feature issues Profile task never completes questusr account was deleted Readiness check failed Recovering from a failed upgrade Reports are slow Reset the supervisor password Running on a Windows 2008 R2 domain controller Service account login fails Setting custom configuration settings Single Sign-on (SSO) issues JVM memory tuning suggestions Start/stop/restart Management Console for Unix service Toolbar buttons are not enabled UID or GID conflicts
System maintenance Command line utilities Web services Database maintenance About us

Privilege Manager license alerts

While the mangement console always allows you to add Unix hosts and manage local users and groups without a license, One Identity provides a free 30-day unlimited-use trial license that allows you to manage any number of hosts with Privilege Manager for Unix and Privilege Manager for Sudo. After the evaluation period expires, you will receive a "License" alert if you continue to use the Privilege Manager products after the expiration date, and a "Usage" alert if you exceed the number of hosts allowed. It may take up to 60 minutes for the primary policy server to update the license information. The console will report the correct information next time you log into the console, update licenses from System Settings, run the Product License Usage report, or when you configure a service account for a policy group.

License Alerts

When the policy server license expires, you will receive an alert on the console.

Usage Alerts

When you exceed the number of hosts allows by your current product license, you will receive an alert on the console.

After the free 30-day unlimited-use trial license expires:

  • Privilege Manager for Unix does not allow you to manage any Privilege Manager Agents without an alert.
  • Privilege Manager for Sudo allows you to manage up to 10 Sudo Plugin hosts without an alert.

Authentication Services system settings

Use the Authentication Services System Settings to change the Authentication Services path to the Authentication Services software packages, validate the Authentication Services licenses, and configure the mangement console to use the Windows 2003 R2 schema.

The Authentication Services settings lists the Authentication Services product licenses found during the installation/configuration process.

Setting the Authentication Services software path

When you install from the product ISO, the setup wizard copies available software packages to a default location on the local computer.

The default directories are:

  • On Windows platforms: %SystemDrive%:\Program Files\Quest Software\Management Console for Unix\software\qas\default
  • On Unix and Linux platforms: /opt/quest/mcu/software/qpm/default

Note: If you install Management Console for Unix from the Authentication Services ISO, the "default" directory is replaced with the Authentication Services version number.

If you plan to install Authentication Services software onto your hosts from the console, you must ensure the path to the packages is correctly set in System Settings.

To ensure the path to the Authentication Services software packages is correctly set

  1. Make note of where your Authentication Services software packages are located.

  2. Log onto the mangement console using the supervisor account or an Active Directory account with rights to change System Settings; that is, an account in the Console Administration role. See Console Roles and Permissions system settings for details.

  3. From the top-level Settings menu, navigate to System settings | Authentication Services.

  4. In the Path box, enter the path where the Authentication Services software packages are located on the server.

  5. Click OK to save your selection and close System Settings.

Authentication Services license alerts

While the mangement console always allows you to add Unix hosts and manage local users and groups without a license, One Identity provides a free 30-day unlimited-use trial license that allows you to manage any number of hosts with Authentication Services 4.x.

License Alerts

After your license expires you will receive a "license" alert if you continue to use the product after the expiration date. The alert is triggered when you log into the console or update licenses from System Settings.

Usage Alerts

You will receive a "usage" alert if you exceed the number of hosts allowed by your current product license.

Documents connexes