Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Privilege Manager for Unix 6.1.1 - Administration Guide for Unix

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager Variables Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures Privilege Manager programs Installation Packages

Load balancing on the client

Load balancing is handled on each client, using information that is returned from the policy server each time a session is established.

If a session cannot be established because the policy server is unavailable (or offline) that policy server is marked as unavailable, and no further pmrun sessions are sent to it until the next retry interval.

pmloadcheck runs transparently on each host to check the availability and loading of the policy server. When a policy server is marked as unavailable, pmloadcheck attempts to connect to it at intervals. If it succeeds, the policy server is marked as available and able to run Privilege Manager sessions.

To view the current status of the policy server

  • Run the following command:

    # pmloadcheck [-f]

If the policy server cannot be contacted, the last known information for this host is reported.

Remove configurations

You can remove the Privilege Manager Server or PM Agent configurations by using the –u option with the following commands:

  • pmsrvconfig to remove the Privilege Manager for Unix Server configuration
  • pmjoin to remove the PM Agent configuration

Take care when you remove the configuration from a policy server, particularly if the policy server is a primary server with secondary policy servers in the policy group, as agents joined to the policy group will be affected.

Uninstalling the Privilege Manager software packages

To uninstall the Privilege Manager packages

  1. Log in and open a root shell.
  2. Use the package manager for your operating system to remove the packages:
Table 5: Privilege Manager Server unistall commands
Package Command
RPM # rpm -e qpm-server
DEB # dpkg -r qpm-server
Solaris # pkgrm QSFTpmsrv
HP-UX # swremove qpm-server
# installp -u qpm-server
Table 6: PM Agent uninstall commands
Package Command
RPM # rpm -e qpm-agent
DEB # dpkg -r qpm-agent
Solaris # pkgrm QSFTpmagt
HP-UX # swremove qpm-agent
# installp -u qpm-agent

Upgrade Privilege Manager for Unix

Privilege Manager for Unix supports a direct upgrade installation from version 6.0. The Privilege Manager software in this release is provided using platform-specific installation packages.

If you are currently running Privilege Manager for Unix 6.0, it may be possible to perform a direct upgrade installation depending on the package management software on your platform (Note: Direct upgrade installations are not possible with Solaris.pkg packages). If you perform a direct upgrade installation, your previous configuration details are retained. Where a direct upgrade is not possible, you must first remove the previously installed package, and install and configure Privilege Manager as a new product installation.

Documents connexes