サポートと今すぐチャット
サポートとのチャット

Safeguard Authentication Services 6.0.1 - Administration Guide

Privileged Access Suite for UNIX Introducing One Identity Safeguard Authentication Services UNIX administration and configuration Identity management Migrating from NIS Managing access control Managing local file permissions Certificate Autoenrollment Integrating with other applications Managing UNIX hosts with Group Policy
Safeguard Authentication Services Group Policy
Group Policy Concepts UNIX policies One Identity policies
Display specifiers Troubleshooting Glossary

Cron policy

The Cron policy manages the UNIX cron daemon. cron is the UNIX process scheduler. Administrators can specify a set of "crontab" entries that define the behavior and scheduling of the UNIX cron daemon.

cron entries are "append only" and cannot be overridden. However, if there is more than one of the same entry, the entry is only added once to the user's crontab file.

For more details, see the cron man page. For information about accessing the cron man page, see Using manual pages (man pages).

Creating or modifying a crontab file

This section describes how to create and modify crontab files. crontab entries define the behavior and scheduling of the UNIX cron daemon. For more information, see Cron policy.

To create or modify a crontab file

  1. Start Group Policy Editor.

  2. Select the UNIX Settings > Safeguard Authentication Services > Client Configuration node.

  3. Double-click Cron in the results pane.

    The Cron Properties dialog opens.

  4. Click the Add button.

    The Crontab Entry Data dialog opens.

  5. Click OK to save this new configuration for the crontab file.

Configuring a crontab entry

When you click Add on the Cron Properties dialog, the Crontab Entry Data dialog opens and allows you to configure a crontab entry.

To configure a crontab entry

  1. In the UNIX Command field, enter either the full path to the command you want to run or just the command name if it is in the path of the specified user.

  2. In the Username field, enter the login name of the user whose crontab you want to modify.

  3. Under Scheduling Rules, enter the following:

    Minutes: Enter a number from 0 to 59, a comma-separated list of numbers, or a dash-separated range, such as 15-20,59.

    Hours: Enter a number from 0 to 23, a comma-separated list of numbers, or a dash-separated range, such as 18-23,5.

    Day of Month: Enter a number from 1 to 31, a comma-separated list of numbers, or a dash-separated range, such as 14-20,31.

    Month: Enter a number from 1 to 12, a comma-separated list of numbers, or a dash-separated range, such as 1-6,12.

    Day of Week: Enter a number from 0 to 6, a comma-separated list of numbers, or a dash-separated range, such as 6,1-4. Sunday is 0.

  4. Click OK to close the dialog.

Files policy

The Files policy allows you to add, edit, or remove file settings. You can also edit a specific file listed in the File Path field.

The Files policy allows administrators to specify a list of files to copy to UNIX hosts. When you add files to the Files policy, Group Policy copies the specified source files to the GPT on SYSVOL. UNIX agents download the files from SYSVOL when they apply policy.

You can specify the target path, ownership, and permissions for each file. File policies provide all of the advantages of Group Policy's built-in undo mechanism. When you unlink or delete file policies, it deletes the associated files on the host or replaces it with the previous file contents, unless you select the Copy Files Permanently option. If no source is specified, the Group Policy agent searches for the target file and sets the specified ownership and permissions. The ownership and permissions are restored when the policy is un-applied.

Files policies can be overridden. If there are multiple policies affecting the same file entry, the permissions, ownership, and contents of the file are dictated by the lowest policy in the hierarchy affecting that file or the highest enforced policy affecting that file in the hierarchy.

Files policy supports non-tattooing, block inheritance, ACL filtering, and enforced settings. Multiple entries with the same target are resolved according to the Group Policy Conflict Resolution rules.

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択