int vas_user_get_groups ( string username, string domainname [, boolean verbose] )
The vas_user_get_groups function checks membership of the group lists.
Returns the index of the matched list item if found, or -1 if not found.
int vas_user_in_ADgrouplist ( string username, string domain, list ADgrouplist [, boolean verbose] )
The vas_host_in_ADgrouplist function checks membership of the Active Directory group lists.
Returns the index of the matched list item if found, or -1 if not found.
int vas_user_is_member (string username, string groupname [, string domain [, boolean verbose]] )
The vas_user_is_member function checks whether a selected user name and selected domain is a member of the selected group. If domain is empty, it defaults to the joined domain. You can specify the group name as <domain>/<group> or <group>@<domain>.
Returns:
This section describes each of the Privilege Manager programs and their options. The following table indicates which Privilege Manager component installs each program.
Name | Description | Server | Agent | Sudo |
---|---|---|---|---|
Is a wrapper for the GNU Bourne Again SHell that provides transparent authorization and auditing for all commands submitted during the shell session. |
X |
X |
- | |
pmcheck |
Verifies the syntax of a policy file. |
X | - | X |
pmclientd |
The Privilege Manager Client daemon that listens on the configured policy server port and responds to a remote request. |
X | X | - |
pmclientinfo |
Displays configuration information about a client host. |
X | X | - |
pmcp |
Privilege Manager remote file copy command. |
X | X | - |
pmcsh |
Privilege Manager C Shell provides transparent authorization and auditing for all commands submitted during the shell session. |
X | X | - |
pmincludecheck |
Used by pmsrvconfig script on the primary server only. When configuring a primary server in pmpolicy type, if you do not have a policy file to import into the repository, then pmincludecheck initializes the policy from the current set of default policy files provided in the installation. |
X | - | - |
pminfo |
Registers the local host with the Privilege Manager 5.5 policy server. NOTE: pminfo is obsolete as of version 5.6 and is included for backwards compatibility only. |
X | X | - |
pmjoin |
Configures a Privilege Manager agent to communicate with the servers in the group. |
X | X | - |
pmkey |
Generates and installs configurable certificates. |
X | X | X |
pmksh |
Privilege Manager K Shell provides transparent authorization and auditing for all commands submitted during the shell session. |
X | X | - |
pmless |
A terminal pager program that allows you to view (by not modify) the contents of a text file one screen at a time. |
X | X | - |
pmlicense |
Displays current license information and allows you to update a license (an expired one or a temporary one before it expires) or create a new one. |
X | - | - |
pmlist | Lists the commands that the user is permitted to run. | X | X | - |
pmloadcheck |
Controls load balancing and failover for connections made from the host to the configured policy servers. |
X | X | - |
pmlocald |
The Privilege Manager Local daemon which runs programs when instructed to do so by the appropriate policy server daemon. |
X | X | - |
pmlog |
Displays entries in a Privilege Manager event log. |
X | - | - |
pmlogadm |
Manages encryption options on the event log. |
X | - | - |
pmlogsearch |
Searches all logs in a policy group based on specified criteria. |
X | - | - |
The Privilege Manager for Unix log access daemon, the service responsible for committing events to the Privilege Manager for Unix event log and managing the database storage used by the event log. |
X |
|
| |
pmmasterd |
The Privilege Manager Master daemon which examines each user request and either accepts or rejects it based upon information in the Privilege Manager configuration file. You can have multiple pmmasterd daemons on the network to avoid having a single point of failure. |
X | - | X |
pmmg |
A special version of an emacs text editor to use with Privilege Manager for Unix (gnu-style key bindings). |
X | X | - |
pmpasswd |
Generates an encrypted password which can be used in the configuration file. |
X | - | - |
pmpolicy |
A command-line utility for managing the Privilege Manager security policy. This utility checks out the current version, checks in an updated version, and reports on the repository. |
X | - | - |
pmpolicyconvert |
Utility that allows you to verify, and if necessary, convert any number of policy files for use with Privilege Manager V5.5 (or later). |
X | - | - |
pmpolsrvconfig |
Configures (or unconfigures) a primary or secondary policy server. Allows you to grant a user access to a repository. |
X | - | - |
pmremlog |
Provides a wrapper for the pmlog and pmreplay utilities to access the event (audit) and keystroke (I/O) logs on any server in the policy group. |
X | - | - |
pmreplay |
Replays an I/O log file allowing you to review what happened during a previous privileged session. |
X | - | - |
pmresolvehost |
Verifies the host name or IP resolution for the local host or a selected host. |
X | X | X |
pmrun |
Allows a user to run a command from their local machine as root. The policy server daemon, pmmasterd, examines each request from pmrun, and either accepts or rejects it based upon the policies specified in the policy file. |
X | X | - |
Allows Privilege Manager for Unix to launch the remote scp daemons. |
X |
- |
- | |
pmserviced |
The Privilege Manager Service daemon listens on the configured ports for incoming connections for the Privilege Manager daemons. pmserviced uses options in pm.settings to determine the daemons to run, the ports to use, and the command line options to use for each daemon. |
X | X | X |
pmsh |
Privilege Manager Bourne Shell that provides transparent authorization and auditing for all commands submitted during the shell session. |
X | X | - |
pmshellwrapper |
A wrapper for any valid login shell on a host. |
X | X | - |
pmsrvcheck |
Checks the Privilege Manager policy server configuration to ensure it is setup properly. |
X | - | - |
pmsrvconfig |
Configures a primary or secondary policy server. |
X | - | - |
pmsrvinfo | Verifies the policy server configuration. | X | - | - |
pmstatus |
Verifies connectivity between Privilege Manager and the pmlocald and pmmasterd daemons on the specified hosts. |
X | X | - |
pmsum |
Generates a simple checksum of a binary. |
X | - | - |
pmsysid |
Displays the Privilege Manager system ID. |
X | X | X |
pmtunneld |
The Privilege Manager Tunnel daemon that acts as a proxy for pmrun when pmlocald communicates with pmrun through a firewall. |
X | X | - |
pmumacs |
A special version of a microemacs text editor to use with Privilege Manager for Unix (gosling-style key bindings). |
X | X | - |
pmverifyprofilepolicy |
Verifies the syntax and structure of the policy file and checks whether a particular command will be accepted or rejected. |
X | - | - |
pmvi |
A special version of the vi text editor to use with Privilege Manager for Unix. |
X | X | - |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Conditions d’utilisation Confidentialité