Authentication Services 4.2 - Administration Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Authentication Services Unix administration and configuration Identity management Migrating from NIS Managing access control Managing local file permissions Certificate Autoenrollment Integrating with other applications Managing Unix hosts with Group Policy
Authentication Services Group Policy
Group Policy Concepts Unix policies One Identity policies
Display specifiers Troubleshooting

Local Group Override file

The Group Local Override file contains information about mappings between Active Directory and local groups. It is produced by oat_match and is used by Authentication Services to override properties of Active Directory users on the local host.

Syntax
<group_local_override_list> ::= { <group_local_override_record> <CRLF> }
<group_local_override_record> ::= <AD_group> ':' <local_group>
<AD_group> ::= <Group Name>
<local_group> ::= <Override Group Name> ':' <GID> ':' [<Additional Members>]
<Group Name> ::= <character> {<character>}
<Override Group Name> ::= <character> {<character>}
<GID> ::= <digit> { <digit> }
<Additional Members> ::= <User name> { ',' <User name> }
<User name> ::= <character> {<character>}
Sample
spartak:spartak:1002:

Files to Process List file

The Files to Process List file contains a list of files and directories for which you want to change the ownership. It is produced by X? and is passed to oat_changeowners.

Syntax
<file_list> ::= { < file_list_entry > <CRLF> }
<file_list_entry> ::= <full_file_name> | <full_directory_name>
<full_file_name> ::= '/' { <character> }
<full_directory_name> ::= '/' { <character> }
Sample
/home/alex
/home/mike
/etc
/opt/quest/bin/vastool

Files to Exclude List file

The Files to Exclude List file contains a list of files and directories for which you do not want to change the ownership. It is produced by X? and is passed to oat_changeowners.

Syntax
<file_list> ::= { < file_list_entry > <CRLF> }
<file_list_entry> ::= <full_file_name> |
<full_directory_name> |
<regular_expression>
<full_file_name> ::= '/' { <character> }
<full_directory_name> ::= '/' { <character> }
<regular_expression> ::= 'regexp:' { <character> }
Sample
/home/alex
/home/mike
/etc
/opt/quest/bin/vastool

Processed Files List file

The Processed Files List file contains a list of files and directories for which the ownership was changed. It is produced by oat_changeowners. Backup files are saved in /var/opt/quest/oatwork.

Syntax
<file_list> ::= { <full_file_name> '(' <original_permissions> ')' <CRLF> }
<full_file_name> ::= <character> { <character> }
<original_permissions> ::= <character> { <character> }
Sample
/home/alex/work/ownertool/src/changer/test(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner/copy_root:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner/ln_masha:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/inner/copy_masha:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/root:spartak(0,0,l)
/home/alex/work/ownertool/src/changer/test/dup_inner(0,0,l)
/home/alex/work/ownertool/src/changer/test/dup_inner/copy_root:spartak(0,0,l)
Related Documents