How do I convert my sudo security policies to work with Quest Privilege Manager for Unix?
The sudo conversion utility (pmsudoconv) provides a convenient method for customers to use their existing sudo policy with Privilege Manager while familiarizing themselves with the basics of policy scripting.
The conversion process will generate a set of standalone policy files that will replicate the same behaviour as the sudo policy, with the main body of the converted policy contained within the file "pmsudoconv.sudoers.conf". The other policy files "pm.conf", "exec_defaults.conf" and "init_defaults.conf" are configuration files where settings such as the level of logging and authentication type and be configured.
While it may be possible to manually edit these converted policy files to extend the policy to cater for new users and hosts, some customers may find it easier to simply update their existing sudo policy and reconvert, until they have familiarized themselves with the basics of policy scripting.
Once familiar with policy scripting, we recommend customers create their own Privilege Manager policy in order to leverage the full benefit of Privilege Manager within their environment.
A document describing the conversion process in detail can be found in the attached document "Privilege_Manager_for_UNIX_55_sudo_Security_Policy_Conversion.pdf".
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center