Chat now with support
Chat with Support

Safeguard Authentication Services 5.1.1 - Installation Guide

Privileged Access Suite for Unix Introducing One Identity Safeguard Authentication Services Installing and configuring Safeguard Authentication Services Installing and joining from the Unix command line Getting started with Safeguard Authentication Services Troubleshooting Enterprise package deployment

Logging Options

The Logging Options section allows you to enable logging for all Safeguard Authentication Services Windows components. This setting only applies to the local computer. Logging can be helpful when trying to troubleshoot a particular problem. Because logging causes components to run slower and use more disk space, you should set the Log Level to Disabled when you are finished troubleshooting.

Enabling debug logging on Windows

To enable debug logging for all Safeguard Authentication Services Windows components

  1. Open Control Center and click Preferences on the left navigation pane.
  2. Expand the Logging Options section.
  3. Open the Log level drop-down menu and set the log level to Debug.

    Debug generates the most log output. Higher levels generate less output. You can set the Log level to Disabled to disable logging.

  4. Click to specify a folder location where you want to write the log files.

    Safeguard Authentication Services Windows components log information into the specified log folder the next time they are loaded. Each component logs to a text file named after the DLL or EXE that generates the log message.

Schema Attributes

From the Control Center, select Preferences then Schema Attributes to view and update schema configurations. These attribute mappings can be customized:

Unix Attributes

The Unix schema attributes are fully customizable in Safeguard Authentication Services. The Unix Attributes section allows you to see which LDAP attributes are mapped to Unix attributes. You can modify this mapping to enable Safeguard Authentication Services to work with any schema configuration. To customize the mapping, you select a schema template or specify your own custom attributes. A schema template is a pre-defined set of common mappings which adhere to common schema extensions for storing Unix data in Active Directory.

From the Control Center, select Preferences | Schema Attributes. Click the Unix Attributes link in the upper right to display the Customize Schema Attributes dialog.

Safeguard Authentication Services supports the following schema templates if the required schema is installed:

Table 23: Unix schema attributes
Schema Template Description

Schemaless

A template that encodes Unix attribute data in an existing multi-valued attribute.

Windows R2

A template that uses attributes from the Windows 2003 R2 schema extension.

Services for Unix 2.0

A template that uses attributes from the SFU 2.0 schema extension.

Services for Unix 3.0

A template that uses attributes from the SFU 3.0 schema extension.

BEST PRACTICE: Use a schema designed for storing Unix data in Active Directory whenever possible. Schemas designed for storing Unix data in Active Directory include: Windows 2003 R2, SFU 2, and SFU 3. Only use "schemaless" or custom mappings if it is impossible to make schema extensions in your environment.

NOTE: If you are running Safeguard Authentication Services without an application configuration in your forest and your domain supports Windows R2, you can enable Safeguard Authentication Services to use the Windows R2 schema. However, note that some functionality provided by the Safeguard Authentication Services application configuration will be unavailable.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating