The management console provides comprehensive reporting which includes reports that can help you plan your deployment, consolidate Unix identity, secure your hosts and troubleshoot your identity infrastructure. The following tables list the reports that are available in Management Console for Unix.
Note: Report availability depends on several factors:
The following reports provide Unix host information that is gathered during the profiling process.
Report | Description |
---|---|
Safeguard Authentication Services Readiness |
Provides a snapshot of the readiness of each host to join Active Directory. This report is best used for planning and monitoring migration projects. The basic report includes the following information:
Use the following report parameters to define details to include in the report.
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
Privilege Manager Readiness |
Provides a snapshot of the readiness of each host to join a policy group. The basic report includes the following information:
Use the following report parameters to define details to include in the report.
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Sudo Policy role or the Audit Sudo Policy role. |
Unix Computers in AD |
Lists all Unix computers in Active Directory in the requested scope. By default, this report is created using the default domain as the base container. Browse to search Active Directory to locate and select a different base container to begin the search. NOTE: This report is available when you are logged on as an Active Directory account in the Manage Hosts role. |
Unix Host Profiles |
Summarizes information gathered during the profiling process of each managed host. This report includes the following information:
Use the following report parameters to define details to include for each host.
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
The following reports provide local and Active Directory user information.
Report | Description |
---|---|
AD User Conflicts |
Returns all users with Unix User ID numbers (UID numbers) assigned to other Unix-enabled user accounts. By default, it creates this report using the default domain as the base container. Browse to search Active Directory to locate and select a different base container to begin the search. NOTE: This report is available when you are logged on as an Active Directory account in the Manage Hosts role. |
Local Unix User Conflicts |
Identifies local user accounts that would conflict with a specified user name and UID on other hosts. You can use this report for planning user consolidation across your hosts. This report includes the following information:
Use the following report parameters to define the user name and UID number that would cause a conflict with existing local user accounts:
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
Local Unix Users |
Lists all users on all hosts or lists the hosts where a specific user account exists in /etc/passwd. This report includes the following information:
If you do not define a specific user, it includes all local users on each profiled host in the report. To locate a specific user, use the following report parameters:
NOTE: When you specify multiple report parameters, it uses the AND expression; therefore, ALL of the selected parameters must be met in order to locate the user account. NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
Local Unix Users with AD Logon |
Identifies the local user accounts that are required to use Active Directory credentials to log onto the Unix hosts. This report includes the following information for hosts that are joined to an Active Directory domain:
NOTE: This report only includes hosts joined to an Active Directory domain with a Safeguard Authentication Services 4.x agent. NOTE: This report is only available when the host has Safeguard Authentication Services 4.x or later installed and is joined to Active Directory. You must be logged in with an Active Directory account in the Manage Hosts role. |
Master /etc/passwd List |
Provides a consolidated list of all user accounts from all hosts, excluding any local users marked as system users. This report includes the following information:
You can consolidate the list of user accounts by matching values for accounts across multiple hosts. Accounts found with matching values are listed as a single local account. This list is best used for migrating local users to Active Directory. Indicate how you want to match user accounts by selecting the value parameters that you want to match:
Optionally, you can include the host name for the accounts, as well:
This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. NOTE: If you select the Include the host name for accounts option, the management console adds a column to the Master_etc_passwdList .csv file to identify the host for each user account. One Identity provides the Host column information to help you resolve the entries in the file. However, before you import the .cvs file into the Unix Account Import Wizard, you must remove the Host column. You can easily migrate local users to Active Directory by exporting the Master /etc/passwd List report, then importing it into the Unix Account Import Wizard, accessible from the Safeguard Authentication Services Control Center's Tools link. The Unix Account Import wizard is a versatile tool that helps migrate Unix account information to Active Directory. It is especially well-suited to small, one-shot import tasks such as importing all the local user accounts from a specific Unix host. The Unix Account Import Wizard can import Unix data as new user and group objects or use the data to Unix-enable existing users and groups. |
Unix-Enabled AD Users |
Lists all Active Directory users that have Unix user attributes. NOTE:
By default, it creates this report using the default domain as the base container. Browse to search Active Directory to locate and select a different base container to begin the search. NOTE: This report is only available if you have configured the management console to recognize Active Directory objects (see Configuring the Console to Recognize Unix Attributes in AD in the online help), and you are logged on as an Active Directory account in the Manage Hosts role. |
The following reports provide local and Active Directory group information.
Report | Description |
---|---|
AD Group Conflicts |
Lists all Active Directory groups with Unix Group ID (GID) numbers assigned to other Unix-enabled groups. By default, it creates this report using the default domain as the base container. Browse to search Active Directory to locate and select the base container to begin the search. NOTE: This report is available when you are logged on as an Active Directory account in the Manage Hosts role. |
Local Unix Groups |
Identifies the hosts where a specific group exists in /etc/group. This report includes the following information:
If you do not specify a group, it includes all local groups on each profiled host in the report. To locate a specific group, use the following report parameters:
NOTE: The Member contains field accepts multiple entries separated by a comma. Spaces are taken literally in the search. For example, entering:
NOTE: When you specify multiple report parameters (for example, Group Name contains, GID Number is, and Member contains), it uses the AND expression; therefore, ALL of the selected parameters must be met in order to locate a group. In addition, it includes all of the group members in the report by default, but you can clear the Include all group members in report option. NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
Unix-Enabled AD Groups |
Lists all Active Directory groups that have Unix group attributes. NOTE: A Group object is considered 'Unix-enabled' if it has a value for the GID Number. By default, it creates this report using the default domain as the base container. Browse to search Active Directory to locate and select a different base container to begin the search. NOTE: This report is only available if you have configured the management console to recognize Active Directory objects (see Configuring the Console to Recognize Unix Attributes in AD in the online help), and you are logged on as an Active Directory account in the Manage Hosts role. |
© ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center