Chat now with support
Chat with Support

Safeguard for Sudo 2.0 - Administrators Guide

One Identity Privileged Access Suite for Unix Introducing Privilege Manager for Unix Introducing Privilege Manager for Sudo Planning Deployment Installation and Configuration
Download Privilege Manager for Unix Software Packages Download Privilege Manager for Sudo Software Packages Quick Start and Evaluation Configure a Primary Policy Server Configure a Secondary Policy Server Install PM Agent or Sudo Plugin on a Remote Host Remove Configurations
Upgrading Privilege Manager System Administration Managing Security Policy The Privilege Manager for Unix Security Policy Advanced Privilege Manager for Unix Configuration Administering Log and Keystroke Files InTrust Plug-in for Privilege Manager Troubleshooting Privilege Manager for Unix Policy File Components Privilege Manager Variables Privilege Manager for Unix Flow Control Statements Privilege Manager for Unix Built-in Functions and Procedures Privilege Manager Programs Installation Packages Unsupported Sudo Options Sudo Plugin Policy Evaluation About us


string toupper( string str )

toupper returns a copy of str with all characters converted to uppercase, if possible. Some characters such as !£$%^& or numbers do not have an uppercase equivalent.

user = "ADRIAN" 
if ( user == toupper("Adrian")) { 
   accept; } 
if (tolower(input("User:"))=="adrian") 


list uname ()

The uname function returns a list containing the following uname information from the policy server:

  • Operating System Name
  • Network node hostname
  • Operating System Release
  • Operating System Version
  • Machine (hardware) type
print("Master OS is :" + uname());
Related Topics



Password Functions

These are the built-in password functions available to use within the policy file:

Table 45: Password functions
Name Description
getgrouppasswd Request a name and password of someone in the specified group on the policy server or agent.
getstringpasswd Request a password from the user to match one generated using pmpasswd.
getuserpasswd Request a user’s password on the policy server or agent.


int getgrouppasswd ( string group [, int attempts])

The getgrouppasswd function prompts you for a user name in the user group group on the policy server and then prompts for that user’s password and authenticates the user on the policy server. The user may try up to attempts times to correctly enter the password before the function exits. The default number of allowed attempts is 3.

By default, this function authenticates the user on the policy server. Set the value of getpasswordfromrun in pm.settings to yes to authenticate the user on the client instead.

Returns true if the user successfully authenticates on the policy server, otherwise returns false if the user fails to authenticate after attempts tries.

if (getgrouppasswd("admin", 2) == false) 
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating