Now that you have Unix-enabled an Active Directory user, you can log in to a local Unix host using your Active Directory user name and password.
To test the Active Directory login
Click Login to log in to the Unix host with your Active Directory user account.
/opt/quest/bin/vastool klist
The vastool klist command lists the Kerberos tickets stored in a user's credentials cache. This proves the local user is using the Active Directory user credentials.
You just learned how to manage Active Directory users and groups from Management Console for Unix by Unix-enabling an Active Directory group and user account. You tested this out by logging into the Unix host with your Active Directory user name and password. Optionally, you can expand on this tutorial by creating and Unix enabling additional Active Directory users and groups and by testing different Active Directory settings such as account disabled and password expired.
You can run various reports that capture key information about the Unix hosts you manage from the management console and the Active Directory domains joined to these hosts from the Reports view on the Reporting tab.
Note: The Active Directory reports are only available when you are logged on as an Active Directory account in the Manage Hosts role.
To run reports
Reports only generate data gathered from the clients during a profile procedure. Profiling imports information about the host, including local users and groups.
Note: You can configure the management console to profile hosts automatically. For more information, see Configuring automatic profiling.
Unix host information gathered during the profiling process
Local and Active Directory user information
Local and Active Directory group information
User access information
Product licensing information.
The selected report name opens a new tab on the Reports view that describes the report and provides some report parameters you can select or clear to add or exclude details on the report.
Note: If the CSV report does not open, you may need to reset your internet options. See CSV or PDF Reports Do Not Open in the online help for details.
By default, the management console creates reports in the application data directory:
%SystemDrive%:\ProgramData\Quest Software\Management Console for Unix\reports
/var/opt/quest/mcu/reports
Note: You may need to reconfigure your browser preferences to allow you to save the report in a specific folder.
It launches a new browser or application page and displays the report in the selected format.
Note: When generating multiple reports simultaneously or generating a single report that contains a large amount of data, One Identity recommends that you increase the JVM memory. See JVM memory tuning suggestions in the Management Console for Unix Administration Guide.
The management console provides comprehensive reporting which includes reports that can help you plan your deployment, consolidate Unix identity, secure your hosts and troubleshoot your identity infrastructure. The following tables list the reports that are available in Management Console for Unix.
Note: Report availability depends on several factors:
The following reports provide Unix host information that is gathered during the profiling process.
Report | Description |
---|---|
Safeguard Authentication Services Readiness |
Provides a snapshot of the readiness of each host to join Active Directory. This report is best used for planning and monitoring migration projects. The basic report includes the following information:
Use the following report parameters to define details to include in the report.
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
Privilege Manager Readiness |
Provides a snapshot of the readiness of each host to join a policy group. The basic report includes the following information:
Use the following report parameters to define details to include in the report.
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Sudo Policy role or the Audit Sudo Policy role. |
Unix Computers in AD |
Lists all Unix computers in Active Directory in the requested scope. By default, this report is created using the default domain as the base container. Browse to search Active Directory to locate and select a different base container to begin the search. NOTE: This report is available when you are logged on as an Active Directory account in the Manage Hosts role. |
Unix Host Profiles |
Summarizes information gathered during the profiling process of each managed host. This report includes the following information:
Use the following report parameters to define details to include for each host.
NOTE: This report is available when you are logged on as the supervisor or an Active Directory account in the Manage Hosts role. |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center