You use the pmsrvconfig -s <primary_policy_server> command to configure a secondary server. See pmsrvconfig for more information about the pmsrvconfig command options.
To configure the secondary server
# pmsrvconfig –s <primary_policy_server>
where <primary_policy_server> is the hostname of your primary policy server.
pmsrvconfig prompts you for the "Join" password from the primary policy server, exchanges ssh keys for the pmpolicy service user, and updates the new secondary policy server with a copy of the master (production) policy.
Once you have installed and configured a secondary server, you are ready to join the Sudo Plugin to it. See Join hosts to policy group for details.
Safeguard generates log files containing event timestamps based on the local clock of the authorizing policy server.
To synchronize all policy servers in the policy group, use Network Time Protocol (NTP) or a similar method of your choice.
Once you have installed and configured the primary policy server, you are ready to install a Sudo Plugin on a remote host.
To check a Sudo Plugin host for installation readiness
# sh pmpreflight.sh –-sudo –-policyserver <myhost>
where <myhost> is the hostname of the primary policy server.
Running pmpreflight.sh –-sudo performs these tests:
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center