Chat now with support
Chat with Support

Safeguard Authentication Services 4.1.5 - Installation Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Authentication Services Installing and configuring Authentication Services Installing and joining from the Unix command line Getting started with Authentication Services Troubleshooting Enterprise package deployment

Summary dialog

To complete the Management Console for Unix Setup wizard

  1. On the Summary dialog, click Finish.

    The Management Console for Unix log in screen opens.

Management Console for Unix log on page

Whenever you launch the mangement console, you must enter an authorized account to proceed. The Management Console for Unix features that are available depend on the account with which you log in.

To use the core version to manage local Unix users and groups and to access the mangement console system settings, you must use the supervisor account (that is, you must log on with the supervisor user name). However, to use the Active Directory features of Management Console for Unix, you must log on with an Active Directory account that has been granted access to the mangement console. That is, defined during the post-installation configuration. (See Setup Console Access by Role in online Help for details.) To add additional accounts to this access list, see Add (or Remove) Role Members in online Help for details.

To log on to the mangement console

  1. Enter the user name and password and click Sign In.

    Enter:

    • the supervisor account name
    • a sAMAccountName, which uses the default domain
    • a User Principal Name in the form, username@domain

    The mangement console opens and displays the user name you specified in the upper right-hand corner of the screen.

  2. To log on using a different account, click the authenticated user's login name and click Sign Out. Then sign back on using a different account.

    The Log-on page redisplays, allowing you to enter a different account.

Prepare Unix hosts

The mangement console provides a central management and reporting console for local Unix users and groups.

Using Management Console for Unix with Authentication Services not only allows you to centrally manage your hosts, but it allows you to do these additional features for managing Unix systems with Active Directory:

  • Ability to remotely install Authentication Services agents, join systems to Active Directory, and implement AD-based authentication for Unix, Linux, and Mac OS X systems.
  • Ability to manage access control on a single host system or across multiple hosts.
  • Ability to create reports about Unix-enabled users and groups in Active Directory.
  • Ability to create access control reports that show which user is permitted to log into which Unix host.

Whether you have the core version or are using the mangement console with Authentication Services, once you have successfully installed Management Console for Unix, you must first add your hosts to the console, and then profile them to gather system information. Once a host is added and profiled you can then manage users and groups on the hosts and run reports.

Add hosts to the management console

In order to manage a Unix host from the mangement console, you must first add the host. Go to the Hosts tab of the mangement console to either manually enter hosts or import them from a file.

To add hosts to the mangement console

  1. Click the Add Hosts tool bar button to display the Add Hosts dialog.
  2. To manually add one or more hosts, enter the FQDN, IP address, or short name of a host you want to add to the mangement console and either click the Add button or press Enter.

    Once added, the Host column displays the value you enter. The mangement console uses that value to connect to the host. You can rename the host if it has not been profiled using the Rename Host command on the Host panel of the tool bar. After a host is profiled the only way to change what is displayed in the Host column is to remove the host from the console and re-add it. For example, if you add a host by its IP address, the IP address displays in the Host column (as well as in the IP Address column); to change what is displayed in the Host column, you must use the Remove from console tool bar button to remove the host from the console; then use the Add Hosts button to re-add the client by its host name. If you had profiled the host before removing it, you will have to re-profile it after re-adding it.

  3. To add hosts from a known_hosts file, click the Import button.
    1. On the Import hosts from file dialog, browse to select a .txt file containing a list of hosts to import.

      Once imported, the host addresses display in the Add Host dialog list.

      Note: The valid format for an import file is:

      • .txt file - contains the IP address or DNS name, one per line
      • known_hosts file - contains address algorithm hostKey (separated by a space), one entry per line

      (See Known_hosts File Format in the online help for more information about the supported known_hosts file format.)

  4. Once you have a list of one or more hosts to add, if you do not wish to profile the host(s) at this time, clear the Profile hosts after adding option.

    Note: If you add more hosts to the list than selected in the Rows to show drop-down menu in the View panel of the tool bar, this option is disabled.

  5. If you do not clear the Profile hosts after adding option on the Add Hosts dialog, when you click OK, the Profile Host dialog prompts you to enter the user credentials to access the host(s). (Refer to Profile hosts which walks you through the host profile steps.)
  6. If you clear the Profile hosts after adding option on the Add Hosts dialog, when you click OK, the Add Hosts dialog closes and control returns to the mangement console.

    The mangement console lists hosts that were successfully added on the All Hosts view by the FQDN, IP address, or short name of the hosts you entered on the Add Hosts dialog.

Related Documents