Chat now with support
Tchattez avec un ingénieur du support

One Identity Management Console for Unix 2.5.2 - Administration Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Management Console for Unix Installing Management Console for Unix Preparing Unix hosts Working with host systems Managing local groups Managing local users Active Directory integration Authentication Services integration Privilege Manager integration
Getting started Configure a primary policy server Configure a secondary policy server Install PM agent or Sudo plugin on a remote host Security policy management
Opening a policy file Edit panel commands Editing PM policy files Reviewing the Access and Privileges by User report Reviewing the Access and Privileges by Host report
Event logs and keystroke logging
Reporting Setting preferences
User preferences System preferences
Security Troubleshooting tips
Auto profiling issues Active Directory Issues Auditing and compliance Cannot create a service connection point Check Authentication Services agent status commands not available CSV or PDF reports do not open Database port number is already in use Elevation is not working Hosts do not display Import file lists fakepath Information does not display in the console License information in report is not accurate Out of memory error Post install configuration fails on Unix or Mac Privilege Manager feature issues Profile task never completes questusr account was deleted Readiness check failed Recovering from a failed upgrade Reports are slow Reset the supervisor password Running on a Windows 2008 R2 domain controller Service account login fails Setting custom configuration settings Single Sign-on (SSO) issues JVM memory tuning suggestions Start/stop/restart Management Console for Unix service Toolbar buttons are not enabled UID or GID conflicts
System maintenance Command line utilities Web services Database maintenance About us

Check Authentication Services agent status commands not available

The "Check QAS" commands are only available for hosts that have the Authentication Services 4.0.3.78 (or later) Agent software installed. If your version of Authentication Services is not using the 4.0.3.78 version of the vas_status.sh script, the mangement console will not report QAS agent status. Furthermore, if you customize the vas_status.sh script, ensure the output for customized tests are in CSV format so that the mangement console will correctly report the results.

CSV or PDF reports do not open

If you are having trouble opening CVS or PDF reports, here are some suggestions:

  • Make sure your browser does not have a pop-up blocker enabled for the site. PDF and CSV files are opened as a window pop-up and require you to disable any browser pop ups before the report will open.
  • If you are running Management Console for Unix on Internet Explorer, you may need to adjust your IE settings, as explained below:

To adjust your IE settings

  1. From the Tools menu, select Internet Options.
  2. On the Advanced tab, scroll to Security section.
  3. Clear the Do not save encrypted pages to disk option.
  4. Apply the changes.
  5. Close and reopen your browser.
  6. Try downloading that file again.

Or, you may need to reset your Download options.

To modify the Download Internet options

  1. From your Internet Explorer browser, navigate to Tools | Internet Options and click the Security tab.

  2. In the Security Settings dialog, click the Custom level button, scroll down to Downloads, and ensure that the Automatic prompting for file downloads and File download settings are set to Enable.

    Note: If you hold down the Ctrl key after you open the Export drop-down menu and select PDF, it allows the download to happen even if you have the Automatic prompting for file downloads setting disabled.

Database port number is already in use

The database server binds to port 9001. If you see an error in the log file stating that port 9001 is already in use, change the database default port number.

To change the database port number

  1. Locate the jdbc.properties file.

    If it does not exist, create this text file and save it in the application data directory:

    • On Windows:
      %SystemDrive%:\ProgramData\Quest Software\Management Console for Unix\resources
    • On Unix/Linux:
       /var/opt/quest/mcu/resources
  2. Open the jdbc.properties file with a text editor and enter the following line:
    hsql.server.port=n

    where: n is an unused port on the host where the console is running.

Elevation is not working

If you run a task using elevation and that user does not have rights to perform that action, you will get an error. The error message will tell you what command that user account is unable to run. Verify the elevation password is correct and that the user has been granted permission to run that command. Edit the policy file and give that user permission to run that command.

You can generate an Access & Privilege report to gather more information. See Access & Privileges reports for details.

Documents connexes