サポートと今すぐチャット
サポートとのチャット

Privilege Manager for Unix 7.2.1 - Administration Guide

Introducing Privilege Manager for Unix Planning Deployment Installation and Configuration Upgrade Privilege Manager for Unix System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager for Unix Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager for Unix Variables
Variable names Variable scope Global input variables Global output variables Global event log variables PM settings variables
Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures
Environment functions Hash table functions Input and output functions LDAP functions LDAP API example List functions Miscellaneous functions Password functions Remote access functions String functions User information functions Authentication Services functions
Privilege Manager for Unix programs Installation Packages

InTrust Plug-in for Privilege Manager for Unix

Quest® InTrust for Active Directory provides a centralized auditing point allowing you to collect and report on the audit data from Privilege Manager for Unix as well as many other data sources you may have in your IT infrastructure.

Figure 10: Audting with InTrust Plug-in

InTrust for Active Directory auditing capabilities allow you to collect and report on the audit data from your Privilege Manager for Unix Security system. Featuring a fully automated workflow, InTrust for Active Directory helps you:

  • Gather the Privilege Manager for Unix event logs from the policy servers running on several different platforms
  • Consolidate, store, and analyze the gathered data
  • Create reports on various aspects of your Privilege Manager for Unix security system operation

InTrust for Active Directory provides reports on the following Privilege Manager for Unix System areas:

  • All events
  • Elevated privilege events
  • All events grouped result
  • Out of band events
  • Rejected events

InTrust Plug-in requirements

InTrust for Active Directory supports Privilege Manager for Unix version 5.5 and above.

You can collect data from Privilege Manager for Unix hosts running on any of the UNIX platforms supported by InTrust.

To use the MSI installer for the InTrust Reporting Pack, your InTrust Server must use the WindowsSQL Server 2005 as its back-end database.

Installing InTrust Plug-in components

To configure InTrust for Privilege Manager for Unix you must install and configure several components separately. The diagram below shows the major components for the InTrust for Active Directory Plug-in.

Figure 11: InTrust Plug-in components

To install and configure the InTrust for Active Directory Plug-in components

  1. Install Privilege Manager for Unix and identify which logs you wish to audit.
  2. Install and configure the pmintrust.sh script to run as the root user to extract the relevant data.

    One Identity recommends that you set up a daily cron job to run “pmrun pmintrust.sh” as the pmpolicy service user.

  3. Install an InTrust Agent on the Privilege Manager for Unix Policy Server.
  4. Configure the InTrust Server: Finding, Gathering, and Storing.
  5. Gather Data.
  6. Configure the InTrust Server: Reporting.

InTrust Plug-in installation prerequisites

Before you install the InTrust for Active Directory components:

  • Install and register an InTrust agent on the Privilege Manager for Unix policy server machine for the collection of syslog messages.

    For more information on this process, refer to the InTrust Preparing for Auditing and Monitoring Linux document.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択