To configure InTrust for Privilege Manager you must install and configure several components separately. The diagram below shows the major components for the InTrust for Active Directory Plug-in.
Figure 14: InTrust Plug-in Components
To install and configure the InTrust for Active Directory Plug-in Components
Quest recommends that you set up a daily cron job to run “pmrun pmintrust.sh” as the pmpolicy service user.
Before you install the InTrust for Active Directory components:
(For more information on this process, please refer to the document entitled InTrust Preparing for Auditing and Monitoring Linux.)
Run the pmintrust.sh script as the root user.
NOTE: You might need to edit pmintrust.sh to ensure it can find all relevant event log files.
The script outputs event log data in a format that the InTrust Agent can handle. When the script runs, it creates a separate file for InTrust called /tmp/pm_evlog.intrust containing a plain text version of the events stored in the event log files.
To configure the policy server for the InTrust Plug-in
# gzip -dc pmintrust.tgz | tar xvf - -C /tmp
pmintrust/
pmintrust/pmpolicy.crontab
pmintrust/root.crontab
pmintrust/pmintrust.profile
pmintrust/pmintrust.sh
# cp /tmp/pmintrust/pmintrust.sh /opt/quest/sbin
eventlog="/var/log/eventlogs/"+year+"/"+month+"/"+day+"/"+user+"_events.db";
Change the EVDIRS and EVGLOB variables in the pmintrust.sh script to:
EVDIRS=`find /var/log/eventlogs -type d`
EVGLOB="*_events.db"
Quest recommends that you add a crontab entry as the pmpolicy service user, and configure the cron job to run pmrun with root user privileges.
NOTE: The crontab entry is a file called pmpolicy.crontab in the pmintrust.tgz archive.
The following crontab entry runs pmrun pmintrust.sh at 10:50 pm every day:
50 22 * * * /opt/quest/bin/pmrun /opt/quest/sbin/pmintrust.sh
To add the crontab, log in (or su) to the pmpolicy service account and execute the following command:
$ crontab /tmp/pmintrust/pmpolicy.crontab
Alternatively, you can configure the script to run directly as the root user by creating a root cron job, and skip part b) of this step.
NOTE: There is a root.cronjob file in the pmintrust.tgz archive.
To check out, add, and commit the changes to the policy, run the following pmpolicy commands:
# /opt/quest/sbin/pmpolicy checkout -d /tmp
# cp /tmp/pmintrust/pmintrust.profile /tmp/policy_pmpolicy/profiles/
# chown pmpolicy:pmpolicy /tmp/policy_pmpolicy/profiles/pmintrust.profile
# /opt/quest/sbin/pmpolicy add -p profiles/pmintrust.profile -d /tmp
# /opt/quest/sbin/pmpolicy commit -d /tmp -l "add pmintrust profile"
# pmrun id
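After the policy server steps above, a quick check can confirm that the EVDIRS/EVGLOB settings see the event logs and that /tmp/pm_evlog.intrust is a fresh, regular, root-owned file before the InTrust Agent reads it. This is an added example, not part of pmintrust.sh or the pmintrust.tgz archive; the function names, the two-day freshness threshold, and the assumption that pmintrust.sh reads every EVGLOB match in each EVDIRS directory are illustrative.

```shell
#!/bin/sh
# Added example (hypothetical helper, not shipped with Privilege Manager).
# Assumption: pmintrust.sh reads every file matching EVGLOB in each EVDIRS
# directory, which is equivalent to the recursive find used below.

# Print every event log the documented EVDIRS/EVGLOB settings would match.
# $1 event log root, $2 file name glob.
list_event_logs() {
    find "${1:-/var/log/eventlogs}" -type f -name "${2:-*_events.db}" | sort
}

# Check the export file written by pmintrust.sh.
# $1 file, $2 maximum age in days, $3 expected owner (name or numeric uid).
check_export() {
    file=${1:-/tmp/pm_evlog.intrust} days=${2:-2} owner=${3:-root}
    # /tmp is world-writable, so refuse anything that is not a plain file.
    if [ -L "$file" ]; then
        echo "FAIL: $file is a symbolic link"; return 1
    fi
    if [ ! -f "$file" ]; then
        echo "FAIL: $file is missing or not a regular file"; return 1
    fi
    # The script runs as root, so the export should belong to root.
    if [ -z "$(find "$file" -user "$owner")" ]; then
        echo "FAIL: $file is not owned by $owner"; return 1
    fi
    if [ -n "$(find "$file" -perm -0002)" ]; then
        echo "FAIL: $file is world-writable"; return 1
    fi
    # A daily cron job should have rewritten the file within $days days.
    if [ -z "$(find "$file" -mtime "-$days")" ]; then
        echo "FAIL: $file is older than $days day(s); check the cron job"
        return 1
    fi
    echo "OK: $file"
}

# Usage on the policy server, as root:
#   list_event_logs /var/log/eventlogs '*_events.db'
#   check_export /tmp/pm_evlog.intrust 2 root
```

If list_event_logs prints nothing while event databases exist elsewhere, adjust EVDIRS and EVGLOB in pmintrust.sh to match the eventlog path set in the policy.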
To install the InTrust Knowledge Pack
<INTRUST_HOME>\Server\ADC\SupportTools\
# InTrustPDOImport.exe -import D:\temp\PM_DataSource.xml
# InTrustPDOImport.exe -import D:\temp\PM_GatheringJob.xml
# InTrustPDOImport.exe -import D:\temp\PM_GatheringJob_igtc.xml
# InTrustPDOImport.exe -import D:\temp\PM_GatheringPolicy.xml
# InTrustPDOImport.exe -import D:\temp\PM_GatheringTask.xml
# InTrustPDOImport.exe -import D:\temp\PM_Site.xml