To Unix-enable an Active Directory user
It populates the properties with default Unix attribute values.
Note: There are additional settings that you can set using PowerShell which allows you to validate entries for the GECOS, Home Directory, and Login Shell attributes. For more information, see Use Safeguard Authentication Services PowerShell.
Once enabled for Unix, you can log on to the host with that Active Directory user's log on name and password.
Now that you have Unix-enabled an Active Directory user, you can log in to a local Unix host using your Active Directory user name and password.
To test the Active Directory login
Click Login to log in to the Unix host with your Active Directory user account.
/opt/quest/bin/vastool klist
The vastool klist command lists the Kerberos tickets stored in a user's credentials cache. This proves the local user is using the Active Directory user credentials.
You just learned how to manage Active Directory users and groups from Management Console for Unix by Unix-enabling an Active Directory group and user account. You tested this out by logging into the Unix host with your Active Directory user name and password. Optionally, you can expand on this tutorial by creating and Unix enabling additional Active Directory users and groups and by testing different Active Directory settings such as account disabled and password expired.
You can run various reports that capture key information about the Unix hosts you manage from the management console and the Active Directory domains joined to these hosts from the Reports view on the Reporting tab.
Note: The Active Directory reports are only available when you are logged on as an Active Directory account in the Manage Hosts role.
To run reports
Reports only generate data gathered from the clients during a profile procedure. Profiling imports information about the host, including local users and groups.
Note: You can configure the management console to profile hosts automatically. For more information, see Configuring automatic profiling.
Unix host information gathered during the profiling process
Local and Active Directory user information
Local and Active Directory group information
User access information
Product licensing information.
The selected report name opens a new tab on the Reports view that describes the report and provides some report parameters you can select or clear to add or exclude details on the report.
Note: If the CSV report does not open, you may need to reset your internet options. See CSV or PDF Reports Do Not Open in the online help for details.
By default, the management console creates reports in the application data directory:
%SystemDrive%:\ProgramData\Quest Software\Management Console for Unix\reports
/var/opt/quest/mcu/reports
Note: You may need to reconfigure your browser preferences to allow you to save the report in a specific folder.
It launches a new browser or application page and displays the report in the selected format.
Note: When generating multiple reports simultaneously or generating a single report that contains a large amount of data, One Identity recommends that you increase the JVM memory. See JVM memory tuning suggestions in the Management Console for Unix Administration Guide.
The management console provides comprehensive reporting which includes reports that can help you plan your deployment, consolidate Unix identity, secure your hosts and troubleshoot your identity infrastructure. The following tables list the reports that are available in Management Console for Unix.
Note: Report availability depends on several factors:
© 2024 One Identity LLC. ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center