Chat now with support
Chat with Support

One Identity Management Console for Unix 2.5.2 - Administration Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Management Console for Unix Installing Management Console for Unix Preparing Unix hosts Working with host systems Managing local groups Managing local users Active Directory integration Authentication Services integration Privilege Manager integration
Getting started Configure a primary policy server Configure a secondary policy server Install PM agent or Sudo plugin on a remote host Security policy management
Opening a policy file Edit panel commands Editing PM policy files Reviewing the Access and Privileges by User report Reviewing the Access and Privileges by Host report
Event logs and keystroke logging
Reporting Setting preferences
User preferences System preferences
Security Troubleshooting tips
Auto profiling issues Active Directory Issues Auditing and compliance Cannot create a service connection point Check Authentication Services agent status commands not available CSV or PDF reports do not open Database port number is already in use Elevation is not working Hosts do not display Import file lists fakepath Information does not display in the console License information in report is not accurate Out of memory error Post install configuration fails on Unix or Mac Privilege Manager feature issues Profile task never completes questusr account was deleted Readiness check failed Recovering from a failed upgrade Reports are slow Reset the supervisor password Running on a Windows 2008 R2 domain controller Service account login fails Setting custom configuration settings Single Sign-on (SSO) issues JVM memory tuning suggestions Start/stop/restart Management Console for Unix service Toolbar buttons are not enabled UID or GID conflicts
System maintenance Command line utilities Web services Database maintenance About us

General | Console Information settings

| Console Information settings

Use the Console Information settings to specify the information the Control Center uses to identify the mangement console. Hosts configured for automatic profiling or automatic QAS agent status also use this information to contact the mangement console server. You can also register a Service Connection Point (SCP) with Active Directory so that a client application (such as Control Center) can locate and browse to instances of the mangement console running on the network.

Table 74: Console Information settings
Option Description
Console Information

Console host address

Enter the URL to access this mangement console

Console name

Optionally, enter the name of the computer where you installed this mangement console. This field is pre-populated with the computer's DNS name, but you can modify it.

Contact

Optionally, enter the user name of the contact person responsible for installing and maintaining this mangement console.

Description

Optionally, enter a brief description to identify this mangement console on the network.
Publish console to Active Directory

Register a Service Connection Point with Active Directory

Select this option to create an SCP for Management Console for Unix with Active Directory.

NOTE: You can only register an SCP if the host is joined to an Active Directory domain. The host must have Management Console for Unix installed and the mangement console must be configured for Active Directory.

See Publishing console to Active Directory for details.

Note: See Console Information settings for details.

General | Change Password settings

| Change Password settings

Use the Change Password settings to change the supervisor account password.

Table 75: Change Password settings
Option Description
Change supervisor account password
Current password Enter the current password for the supervisor account.
New password Enter the new password for the supervisor account.
Confirm new password Re-enter the new password.

Note: See Changing supervisor account password for details.

General | Custom Privilege Elevation settings

| Custom Privilege Elevation settings

Use the Custom Privilege Elevation settings to specify up to three custom privilege elevation commands to use when performing tasks on hosts that require elevated privileges.

Note: See Setting custom privilege elevation commands for details.

Console Roles and Permissions settings

Use the Console Roles and Permissions settings to set the permissions for each role and to add members to roles.

Table 76: Console Roles and Permissions settings
Role Description
Manage Hosts Members of this role can add, view, and manage hosts. They can also run reports.
Manage Sudo Policy Members of this role can view and edit the sudoers configuration file, and have access to a read-only view of the hosts in the mangement console.
Audit Sudo Policy Members of this role can audit sudo policy through reports and keystroke replay, can run reports, and have access to a read-only view of the hosts in the mangement console.
Console Administration Members of this role can change the mangement console system settings, and have access to a read-only view of the hosts in the console.
Manage Console Access Members of this role can manage access to the mangement console using roles and permissions, and have access to a read-only view of the hosts in the console.
Reporting Members of this role can run and view all reports.

Note: All roles have log on permission. (See Console Roles and Permissions system settings for details.)

Related Documents