The first thing you must do is install and configure the host you want to use as your primary policy server.
Privilege Manager comes with a Preflight program that checks to see if your system meets the install requirements.
To check for installation readiness
For example, on a 64-bit Red Hat Linux, run:
# cd server/linux-x86_64
# chmod 755 pmpreflight
# sh pmpreflight.sh –-server
NOTE: Running pmpreflight.sh –-server performs these tests:
Privilege Manager uses TCP/IP to communicate with networked computers, so it is essential that you have TCP/IP correctly configured. If you cannot use programs such as ssh and ping to communicate between your computers, then TCP/IP is not working properly; consult your system administrator to find out why and make appropriate changes.
Ensure that your host has a statically assigned IP address and that your host name is not configured to the loopback IP address 127.0.0.1 in the /etc/hosts file.
When the agent and policy server are on different sides of a firewall, Privilege Manager needs a number of ports to be kept open. By default, Privilege Manager can use ports in the 600 to 31024 range, but when using a firewall, you may want to limit the ports that can be used.
You can restrict Privilege Manager to using a range of ports in the reserved ports range (600 to 1023) and the non-reserved ports range (1024 to 65535). We recommend that a minimum of six ports are assigned to Privilege Manager in the reserved ports range and twice that number of ports are assigned in the non-reserved ports range.
Use the setreserveportrange and setnonreserveportrange settings in the /etc/opt/quest/qpm4u/pm.settings file to open the ports in the required ranges. See PM settings variables for details.