Kategorie
Product Version
Topic
Subtopic
Safeguard for Sudo 7.4 and Privilege Manager for Unix 7.4 require a new license. (4378405)
The new releases of Safeguard for Sudo 7.4 and Privilege Manager for Unix 7.4 require a new license to be installed after the upgrade. ... NOTE: It is important to have the license ready before upgrading because it must be installed immediately to avoid an interruption.
Core dump while doing sudo after stopping pmserviced (4375857)
- Joined to a policy group ... : YES<br> ... - Name of policy group ... - Pathname of compatible sudo binary : /usr/bin/sudo v1.8.29<br>[root@arhrh1 ~]# systemctl stop pmserviced<br>[root@arhrh1 ~]# sudo -l<br>Matching Defaults entries for root on arhrh1:<br> log_host, !visiblepw, always_set_home, match_group_by_gid, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS", env_keep+="MAIL<br> PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES",
/var/adm/messages is loaded with lots of Assignment to constant runpaths / runrlimit_core / runrlimit_cpu etc. (4375856)
<p>These particular messages may be safely ignored.</p> ... Unfortunately, there is no way to disable the pmlogxfer syslog messages. ... The cause of the issue has been identified and his has been identified as a product defect.
My Licensing - Self Service Key Upgrade (4279090)
To upgrade a license key, first, ensure your product is registered on the Support Portal. ... Directions to register can be found here: https://support.oneidentity.com/essentials/getting-started-with-my-licensing
How to archive iologs (4271047)
The disk space taken up by the following directory is growing too large: /var/opt/quest/qpm4u/iolog/ ... Is there a way to archive the iologs contained under this directory? ... The iologs are just normal files and therefore can be moved or copied using standard Unix commands.
sudo GPO fails to apply with sudoedit should not be specified with a path (4375574)
While applying a sudo GPO policy, the policy fails to apply. ... The logs indicate the following error: <strong>sudoedit should not be specified with a path</strong> Starting with sudo 1.9.x you cannot specify a path to sudoedit in /etc/sudoers<br>this was part of a fix/commit that was done to the sudo project.
How do I view logs and audit users ? (4295637)
How do I view logs and audit users ? ... Commands can be replayed by an administrator using the “pmreplay” utility. ... The input and output of commands executed with Privilege Manager are stored within the “iologs” directory and are organised by profile, user and command by default.
My Licensing - Self Service Key Retrieval and Key Refresh (4282600)
To retrieve or refresh a license key, first, ensure your product is registered on the Support Portal. ... Directions to register can be found here: https://support.oneidentity.com/essentials/getting-started-with-my-licensing
How to run a backtrace on a core file? (4267310)
How to run a backtrace on a core file? ... After a segfault or process crash you may need to obtain more information. ... Backtraces can provide more detailed information. ... When a core file happens, Tech support will need a back trace of the core file.
Can Ansible be used to configure and join Safeguard Authentication Services (SAS). (4265572)
Is there guidance/samples/best-practices for automating vastool join during Linux build automation via Ansible playbook. ... The Ansible tools are an open source project and are not supported by One Identity Support.
How to add license files to Safeguard for Sudo (4374715)
Run the following command as root to install the license: (replacing license_file with the file name)<br><strong># /opt/quest/sbin/pmlicense -l license_file</strong><br><br>This command displays your currently installed license and the details of the new license to be installed.<br><br>3.
How to troubleshoot sudo not working? (4281429)
How to troubleshoot sudo not working? ... Sudo must have been compiled with PAM support. ... To configure sudo pam files you can use the command: 'vastool configure pam sudo' and 'vastool configure sudo'.
Management Console for Unix End Of LIfe (4283832)
Support for Management Console for Unix will reach end of life on Nov 1, 2021. ... Therefore, the MCU will enter limited support for all versions on April 1, 2021. ... Support for all versions will reach end of life on Nov 1, 2021.
How to recreate the pmevents.db file if it becomes corrupt (4276409)
How to recreate the pmevents.db file if it becomes corrupt. ... If the pmevents.db file becomes corrupt, then you may need to recreate it. ... Use the following command to check the database file:
Error message in pmlogsrvd.log " Oct 28 20:02:45 12352 E: Unable to insert event UID[93edd453ef7c2bf4e4486a2d75b26d088a356f4a]. Event log /var/opt/quest/qpm4u/pmevents.db error: Event caused a constraint violation" (4271413)
Event log /var/opt/quest/qpm4u/pmevents.db error: Event caused a constraint violation" ... The "Unable to insert event" message usually means that there is already an event in the database that has that uniqueid (UID).
What options do I have to recover a failed primary policy server? (4287221)
What options do I have to recover a failed primary policy server? ... What services are lost if the primary policy server crashes? ... If you have secondary policy servers configured in your environment, your Unix agents and sudo plugins will automatically go to the secondary servers for policy evaluation and logging.
Sudo clients are getting dropped Request rejected by Safeguard. How to troubleshoot sudo plugin not working. (4281734)
Sudo clients are getting dropped Request rejected by Safeguard. ... How to troubleshoot sudo plugin not working. ... The following will help to identify the issue: ... 1 - Run pmcheck on the client
Getting Assistance with One Identity Open Source GitHub Content (4263328)
One Identity open source projects are supported through One Identity GitHub issues and the One Identity Community. ... This includes all scripts, plugins, SDKs, modules, code snippets or other solutions.
Offline IO logs from client appearing in offline directory on Policy server (4280870)
IO logs from client systems are appearing in the following directory on the Policy server: /var/opt/quest/qpm4u/offline/iologs/ ... These should be transferred to the quarantine folder on the Policy server before then being processed into the correct directories: /var/opt/quest/qpm4u/quarantine/
Does Privilege Manager for Sudo have the ability to send logs in CEF format to arclogger HP ArcSight (4261466)
An arclogger (HP ArcSight) server is receiving Privilege Manager for Sudo logs (primarily pmmasterd accept/reject messages). Is it possible to send the logs in <span class="ILfuVd"><span class="e24Kjd">Common Event Format (CEF)? </span></span> <p>No, Privilege Manager for Sudo does not currently have the ability to be able to send logs in CEF format.</p><p>July 2nd, 2019:</p><p>Enhancement Request #802718 has been raised with the product team for consideration of inclusion within a future release of Privilege Manager for Sudo.</p><p></p> 802718
Within MCU, receive error "No Software Available" when trying to install AIX 7 and Solaris Sparc 10 and 11 clients (4233017)
In Management Console for Unix (MCU) version 2.4.2 when trying to install Quest Authentication Services (QAS) or Privilege Manager for Unix/Sudo to servers running AIX 7 and Solaris Sparc 10 and 11 the MCU is reporting that no software is available to install.
Sudo Command cannot be ran in Crontab (4285053)
Privilege Manager for Sudo command does not run in cron. ... The same command can be ran on the command line. ... This can be caused by the command requiring a tty. ... Check the email message produced by cron for the following entry: sudoers: sorry, you must have a tty to run sudo
What platforms are QPMU for Sudo supported on? (4295310)
What platforms are supported for the product QPMU for sudo? <p>The list of supported platform is located on the <strong>Specifications tab</strong> on the following Web page: <a href="https://www.quest.com/products/privilege-manager-for-sudo/" target="_blank">Privilege Manager for Sudo</a></p><p>Please note you must have sudo 1.8 or higher installed. If the operating system's vendor does not provide sudo 1.8 or higher you can download a copy from the <a href="http://www.sudo.ws/download.html" target="_blank">http://www.sudo.ws/download.html</a> site.</p><p>We recommend you run the preflight binary that is located at the root of the download to check the prerequisites: pmpreflight.sh --sudo --policyserver </p><div><p>The above will check hostname resolution is working, connectivity ssh and sudo 1.8+ is installed. </p></div><div></div><div></div><p></p><p>For more information please refer to the <a href="https://support.quest.com/technical-documents/privilege-manager-for-sudo/2.0/administrators-guide/installation-and-configuration/configure-a-primary-policy-server/check-the-server-for-installation-readiness" target="_blank">PM for Sudo Admin Guide</a></p><div></div><p></p>
How To Create a Self Signed Certificate for Management Console for Unix (MCU) on Windows (4238358)
A self-signed certificate is required for use within Jetty in order for the MCU to function. ... The MCU requires a certificate in order for the WebUI to function correctly. ... NOTE - One Identity Support does not assist with certificate creation.
pmmasterd causing high CPU utilization (4249444)
If a policy server connection is severed while the sudo plugin is still running, the plugin's pmmasterd process could get caught in an execution loop. ... Upgrade to Privilege Manager for Sudo 6.0.0(040)
Neue Produktverknüpfung
- Self-Service-Tools
- Knowledge Base
- Benachrichtigungen und Warnmeldungen
- Produkt-Support
- Software-Downloads
- Technische Dokumentationen
- Benutzerforen
- Videoanleitungen
- RSS Feed
- Ausgewählte Inhalte
- Impact of CVE-2021-44228 Apache Log4j Vulnerability
- Privilege Manager for Sudo Hotfix 6.0.0.061
- Ist der Privilege Manager for Sudo von der DROWN Sicherheitslücke betroffen?
- DROWN Angriff und MCU
- Kontakt
- Technische Support
- Alle anzeigen