Chat now with support
Chat with Support

Quest has tools and processes in place to identify, protect, detect, and remediate vulnerabilities and incidents when they occur, including external security partners. As part of our standard security operations, Quest does not use CrowdStrike in any of our operations. We are reviewing our third parties, and so far, there is minimal affect. It is Quest's policy not to provide further technical details unless they directly impact customer data.

Stat 6.3 - System Administration Guide

Overview of Stat Administration Administrative Utilities Stat Security General Maintenance Tables
System Maintenance Service Domain Maintenance Department Maintenance Issue Tracking Maintenance Country Maintenance Customer Maintenance Object Type Maintenance PeopleSoft Environment Connection Maintenance Pre/Post Migration Steps Parameters Oracle Applications Configuration Oracle Applications Connection Maintenance Generic Application Connection Maintenance Schema Object Parameters Maintenance Data Object Maintenance PeopleSoft Search Configurations Stat Report Definition Maintenance Version Control Management Connection Maintenance
Service Domain-Specific Maintenance Configuring the Stat Central Agent Email Configuration Object Security Appendix: Sample Service Domain Configuration Appendix: User Class Rights Appendix: Creating a Staging Database Appendix: Database Tuning Appendix: Oracle Applications File Type Directory Appendix: Ports and Firewalls Appendix: REST Web Services API Appendix: SOAP-Based Web Services API Appendix: Troubleshooting Chart Appendix: stat.conf Configuration Appendix: Custom Report Files

Server-Specific Pre/Post Migration Step Parameters

In the Pre/Post Migration Step Parameters Maintenance table, system administrators define public server-based parameters that can be included in the definition of pre and post migration command steps executed on any file server configured in Stat. However, because these parameters specify a set of default values that may not be applicable to all servers, such as home directories or version numbers, you can define server-specific parameters in the Server Parameters tab of the Other Options window. Here you can define entirely new parameters, or you can specify server-specific values that override the default values of public parameters.

See the section, Pre/Post Migration Steps Parameters for more information.

Click Other Options.
Click New.

SFTP Public Key-Based Authentication

Whenever Stat accesses file objects on a file server, Stat “logs in” using the username configured in Stat for that server. The file server then authenticates the user ID, typically with a password. For customers wanting a more secure method of authenticating user accounts on their SFTP file servers, Stat supports public key-based authentication.

With public key-based authentication, each user ID has a set of public keys which are authenticated by a set of corresponding, mathematically related private keys. Data encrypted with public keys can only be decrypted by their associated private keys and vice versa. When the user (in this case Stat) attempts to log into a SFTP server, the user ID is sent to the server with an associated public key. The server then checks the list of public keys associated with the user ID. If the public key is identified, the server then requires that the user authenticate their ownership of the public key by sending data encrypted with the associated private key. If the server is able to decrypt the data using the public key, the user is authenticated and granted access to the server.

Stat supports public key-based authentication using either the RSA or DSA algorithms. DSA is recommended as the more secure choice and is used by default. RSA is supported for SFTP servers already configured to use RSA.

To configure public key authentication, you must first assign Stat a user ID on each SFTP server. Then you must define in the Stat Repository a set of public and private key s associated with that ID. Remember that the public keys associated with the user ID must be defined on the server as well.

There are two ways you can acquire the key sets you need:

In the FTP Protocol field, select SFTP.
In the Auth Type field, select Public Key.
NOTE: Select Password if you want to use standard user ID/password authentication. When you select this option, the Authentication field displays an Enter Password button. To create a password, click Enter Password, and in the Change Password dialog box, enter the password in the Password and Confirm Password fields (50 characters maximum). Then click OK.
In the Authentication field, click Public Key Config.
Enter the fully qualified path to the file in the Import file field and then click Import Private Key.
In the Size field, select the desired key size.
Options include 768, 1024, and 2048. Longer keys are more secure but take more time to generate. The default is 1024.
Click Generate.

User Default Directories

The User Default Directories Maintenance table defines the default working directories for each Stat user. Whenever an archive set containing a file object is migrated to the working directory, Stat checks to see if a separate working directory for that type of file object has been defined for the assigned user (as described earlier in the Source File Locations section). If not, Stat places the file object in the user’s default directory.

NOTE: You can also define a user’s default working directory in the User File Directories tab of the Other User Information window. For more information, see Defining Stat Users . User can also define their own working directories in the Stat User Options window. For more information, see the “Object Management” sections in the change management chapters of the Stat User Guide.

Stat User
(Key Value)

The user’s Stat user ID

User Name
(Read Only)

The user’s name

Working File Server

Server where the working folder is located

Working File Path

File server path where the working folder is found. Make sure you use the proper syntax when specifying working directories. For more information, see File Path Syntax .

Last Update
(Read Only)

The date and time this record was last updated

Update Userid
(Read Only)

The user who last updated this record

After defining a default directory in the maintenance table, you can make sure that you have entered all the information correctly by clicking Test Connection. See the section, Testing File Locations, Servers, and Default Directory Locations for more information.

Oracle Apps Base Directories

For Oracle Applications, you need to specify file locations only for custom file types (Custom, Custom with Product or Custom with Product and Language). The locations of the proprietary file types (forms, reports, etc.) are managed by Stat automatically. The base directories are defined on the OraApps Base Directory tab, while the file “pathways” are defined on the file type window.

The agent must be able to resolve the server environment variable into a known file location. For all non-R12.2 environments, this is done via the stat.conf file. For example, if in the Object Type Maintenance table you defined a base directory code COMMON_TOP, you must add the following parameter to all the Oracle agents that will process the custom objects using this base directory code:

The syntax for the parameter is <EnvCode>.env.<BaseDirectory>=<value>. The value should be an absolute (i.e., fully qualified) directory with read/write privileges for the Oracle agent. The parameter in this example is added to the Oracle agent for the “Dev” environment. The parameter can be set to a different directory for each agent.

For R12.2 environments, if these base directories are under the Edition-based File System, then the value for each Base Directory must come from the context file. An example of these types of Base Directories would be OA_HTML. This parameter is defined in the context file with a value for both the fs1 and fs2 file system. To retrieve values from the context file, you always need an XPath expression. The Context Pattern field in Stat stores the XPath expression for retrieving the value from the context file. (You may need to consult with your DBA and refer to documentation for EXTRACTVALUE command). For example the expression for retrieving OA_HTML from the context file is: //OA_HTML[@oa_var="s_oahtml"].

Note that if these Base Directories are not under the Edition-based File System, then the value for the Base Directory is defined in stat.conf.

Also Note that in general if a value is defined for any parameter in stat.conf, it always overrides the value read from the context file.

In the Base Directory Cd field, type a name that uniquely identifies the directory.
In the Server Environment Variable field, enter the base description as defined in the stat.conf file.
Click OK or Apply to save your changes.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating