InTrust provides all of its reporting services through the InTrust Knowledge Portal which is based on Microsoft SQL Server® Reporting Services. This provides functionality to generate reports dynamically from the InTrust data store and display them though a simple browser based utility.
The Knowledge Portal allows you to create reports manually, however there are a number of pre-compiled reports that gather the following Privilege Manager event log data:
The reports are provided in a .msi installer which installs and configures the required Knowledge Portal components. To view the reports, simply load the Knowledge Portal using Start | Programs | Quest Software | Quest InTrust Knowledge Portal | Quest InTrust Knowledge Portal, then select InTrust for Privilege Manager from the report list.
For more information, please refer to the InTrust for Active Directory documentation.
The general concept behind the InTrust server is that you configure a number of objects individually to perform a specific part of the data gathering process. These objects are then combined to form a work flow system. These are the objects you need to configure to complete a simple data gathering work flow:
You can either manually create these objects or import them from the Privilege Manager Knowledge Pack.
To import these objects
Run the InTrustPDOImport import utility:
InTrustPDOImport.exe –import <object>
The import utility is located by default in:
<install location>\Quest Software\InTrust\Server\ADC\SupportTools
Once you have imported the objects, add the list of Privilege Manager policy servers to the site object.
NOTE: For more information about importing objects, please refer to the InTrust Creating Custom Data Collection documentation.
Once configured, the InTrust server objects can gather the data.
NOTE: By default the Privilege Manager gathering task provided in the knowledge pack retrieves event log data on a daily basis. However, you can customize this setting in the Gathering Policy.
Quest recommends that you verify the gathering process by running the task manually.
To run the gathering process manually
The details of a gathering job are recorded in sessions, accessible by means of the tree view.
The example below shows the result of a successful job.
Debug logs can help you determine if the sudo options are being enabled correctly in the policy.
To display debug information for Sudo policy
$ sudo – D9 <command>
NOTE: Specifying the –D9 option with the sudo command, enables maximum debugging, which is useful for verifying options in the sudoers policy. For example run the following and examine the output:
$ sudo –D9 id