IBM Tivoli Access Manager for Operating Systems 5.1 SA
|
|
- Ralph Hensley
- 5 years ago
- Views:
Transcription
1 IBM Tivoli Access Manager for Operating Systems 5.1 SA
2
3 IBM Tivoli Access Manager for Operating Systems 5.1 SA
4 ! 319 B IBM. ( ), IBM Tivoli Access Manager for Operating Systems 5, 1( 5698-PDO). Copyright International Business Machines Corporation 2001, All rights reserved.
5 v v vi vi IBM Tivoli Access Manager for Operating Systems vii vii vii viii viii ix ix ix , msg kosserrs.log XML policy pdosexempt policy InstallShield Multiplatform InstallShield Multiplatform : Tivoli Access Manager : Tivoli Access Manager policy : Tivoli Access Manager policy : Tivoli Access Manager user_create : 1 pdosd : Tivoli Access Manager for Operating Systems 36 2: Tivoli Access Manager for Operating Systems SSL ldapcacert.b LDAP SSL CA LDAP SSL policy.. 43 pdosexempt SSL () AIX policy Copyright IBM Corp. 2001, 2003 iii
6 pdoslpmd policy init Kosseal not avail, rc PAM policyview policy : : policy Tivoli Access Manager for Operating Systems Tivoli Access Manager policy policy ACL policy surrogate-to-root policy Sudo policy : A. Tivoli Access Manager for Operating Systems B. IBM iv IBM Tivoli Access Manager for Operating Systems:
7 IBM Tivoli Access Manager for Operating Systems policy. : IBM Tivoli Access Manager for Operating Systems Tivoli SecureWay Policy Director for Operating Systems( 3.7) Tivoli Policy Director for Operating Systems( 3.8). Tivoli SecureWay Policy Director policy. IBM Tivoli Access Manager for Operating Systems IBM Tivoli Access Manager for Operating Systems.. v UNIX v (HTTP, TCP/IP, FTP, Telnet, SSL) v v v v LDAP(Lightweight Directory Access Protocol) v IBM Tivoli Access Manager Base. v IBM Tivoli Management Environment framework v IBM Tivoli Enterprise Console v IBM Tivoli Directory Server(LDAP) v IBM Tivoli User Administration Copyright IBM Corp. 2001, 2003 v
8 IBM Tivoli Access Manager for Operating Systems. v 1 1. v 3 2, Tivoli Access Manager for Operating Systems. v v 37 4 Tivoli Access Manager for Operating Systems. v 51 5 policy Policy. v v 81 7 IBM Customer Support. v 85 A Tivoli Access Manager for Operating Systems Tivoli Access Manager for Operating Systems. v 319 B IBM,. Tivoli Access Manager for Operating Systems. Tivoli, Tivoli Tivoli. vi IBM Tivoli Access Manager for Operating Systems:
9 IBM Tivoli Access Manager for Operating Systems IBM Tivoli Access Manager for Operating Systems, IBM Tivoli Access Manager. Tivoli Tivoli Tivoli. IBM Tivoli Access Manager for Operating Systems. v IBM Tivoli Access Manager for Operating Systems, SA Tivoli Access Manager for Operating Systems. Tivoli, IBM Tivoli Enterprise Console IBM Tivoli Risk Manager. v IBM Tivoli Access Manager for Operating Systems, SA Tivoli Access Manager for Operating Systems,,. v IBM Tivoli Access Manager for Operating Systems, SA ,,, Tivoli Access Manager for Operating Systems.. v IBM Tivoli Access Manager for Operating Systems, GA Tivoli Access Manager for Operating Systems. v IBM Tivoli Access Manager for Operating Systems Read Me First Card, GA Tivoli Access Manager for Operating Systems.. v IBM Tivoli Access Manager Base, SA v IBM Tivoli Access Manager Base Administration Guide, GC v IBM Tivoli Access Manager for e-business, GA v IBM Tivoli Access Manager for e-business Performance Tuning Guide, SC vii
10 IBM Tivoli Access Manager. v IBM Tivoli Access Manager for e-business Problem Determination Guide, SC Tivoli Access Manager. v IBM Tivoli Access Manager Error Message Reference, SC IBM Tivoli Access Manager, Tivoli Access Manager for Operating Systems Tivoli Access Manager. v IBM Tivoli Access Manager for e-business Command Message Reference, SC Tivoli Access Manager. v Tivoli Software Library,,, Tivoli. Tivoli Software Library. v Tivoli Glossary Tivoli. Tivoli Glossary. IBM Tivoli Access Manager for Operating Systems IBM Tivoli Access Manager for Operating Systems. PDF, HTML Tivoli Software Library. Product manuals., Tivoli Software Information Center. : PDF, Adobe Acrobat ( ). viii IBM Tivoli Access Manager for Operating Systems:
11 ... IBM Tivoli Access Manager for Operating Systems. IBM Tivoli Software Tivoli support IBM Tivoli Software. IBM Software. v v v...,,..,,.,,. [].. ix
12 ...,, Java, HTML XML. x IBM Tivoli Access Manager for Operating Systems:
13 1,. IBM Tivoli Access Manager for Operating Systems. Tivoli Access Manager for Operating Systems policy. policy.,,,.,,,. policy... v v v v. v v v policy v. Tivoli Access Manager for Operating Systems IBM Tivoli Access Manager for Operating Systems.. v v Copyright IBM Corp. 2001,
14 v v v v, v,.. v.. Tivoli Access Manager policy Tivoli Access Manager (LDAP) Tivoli Access Manager for Operating Systems, v Tivoli Access Manager for Operating Systems policy. v pdosbkup Tivoli Access Manager for Operating Systems. v. /var/pdos. ( : policy, )., MB.,. v /var/pdos, ( : ) 100MB. /var/pdos, Tivoli Access Manager for Operating Systems. v Tivoli Access Manager for Operating Systems... v IBM Tivoli Software. v Tivoli Access Manager for Operating Systems Tivoli Access Manager. 2 IBM Tivoli Access Manager for Operating Systems:
15 2, Tivoli Access Manager for Operating Systems,,. Tivoli Access Manager for Operating Systems /var/pdos/log... Tivoli Access Manager for Operating Systems /var/pdos/log. v msg pdosd.log: pdosd. v msg pdosauditd.log: pdosauditd. v msg pdoswdd.log: pdoswdd. v msg pdoslpmd.log: pdoslpmd. v msg pdoscfg.log: pdoscfg, pdosucfg, pdosteccfg pdostecucfg. v msg kosserrs.log:. v msg pdoslrd.log: pdoslrd. Tivoli Access Manager for Operating Systems /var/pdos/pdostecd. v msg pdostecd.log: pdostecd. ID. ID 85 A Tivoli Access Manager for Operating Systems. msg kosserrs.log. v (YYYY-MM-DD:hh:mm:ss.sss[+/-]GMT offset) v 16 v Copyright IBM Corp. 2001,
16 v (FATAL, ERROR, WARNING, NOTICE) v v v v 16 ID v ID v :49: :00I x35A53099 pdosd NOTICE osd pdosd main.c 529 0x AOSSD0153I AZN :49: :00I x35A62197 pdosd NOTICE oss daemon state.c 460 0x AOSSS0407I PDOSD ( ) :14: :00I x357E2003 pdosd WARNING ocs general cas.c x AOSCS0003W Tivoli Access Manager. ( ). FATAL... IBM Customer Support. ERROR... WARNING...,. NOTICE.. NOTICE VERBOSE NOTICE. 4 IBM Tivoli Access Manager for Operating Systems:
17 msg kosserrs.log msg kosserrs.log.. msg kosserrs.log /opt/pdos/sbin/kosserrs kosserrs. STDOUT.. v (HH:MM:SS) v v kosserrs. # kosserrs Date: Mon Dec 17 11:03:59 CST 2001 (CST) 11:03:59 0x340B4004: lost contact with pdosd, err 19 11:04:12 0x340B4006: regained contact with pdosd 11:10:24 0x340B4004: lost contact with pdosd, err 19 11:11:28 0x340B4005: still can not contact pdosd, err 19 11:11:56 0x340B4006: regained contact with pdosd msg kosserrs.log.. pdosd pdosauditd /var/pdos/log /var/pdos/pdosd /var/pdos/pdosauditd.., HP-UX.. (.) debug message. Policy NFS AIX. msg kosserrs.log. 3EE64C93 0x340B4003: AOSOE0003E internal error 4 loc 40:466 Tivoli Access Manager for Operating Systems NFS. 2, 5
18 , Tivoli Access Manager for Operating Systems..,., msg pdosd.log msg pdosd.log.1 msg pdosd.log. msg pdosd.log msg pdosd.log.2.,. 2, msg pdosd.log msg pdosd.log.1.,,. 0 0,. pdoscfg. IBM Tivoli Access Manager for Operating Systems IBM Tivoli Access Manager for Operating Systems..,.... XML Tivoli Access Manager for Operating Systems Tivoli XML,.. v XMLFILE v XMLSTDOUT v XMLSTDERR XML UTF-8 TEXTFILE( TEXT), STDOUT STDERR. XML (ASCII HTML) 6 IBM Tivoli Access Manager for Operating Systems:
19 Tivoli XML., ID. XML Tivoli Access Manager for Operating Systems. XML. XML InstallShield Tivoli Access Manager CD Tivoli Access Manager for Operating Systems. (setup.jar) readme (readme.htm) xmllogviewer. Java, JVM Readme. XML readme. Tivoli Access Manager for Operating Systems....,. Tivoli Access Manager for Operating Systems (pdosd, pdosauditd, pdoswdd, pdoslpmd pdoslrd) pdosobjsig. /opt/pdos/etc/trace. /var/pdos/tracelogs.... component:subcomponent.debuglevel:destination:attributes. component 2, 7
20 subcomponent debuglevel destination.. attributes pdosd. 1. pdosd pdosd ocs cas pdosd ocs isolation policy / pdosd okm general policy pdosd omh authz Authz Msg Handler authz API pdosd owc - pdosd owc net Debuglevels 1-9. STDERR, STDOUT, FILE( TEXTFILE) DISCARD..,. 1.. omh:authz.3:file :/var/pdos/tracelogs/pdosd_%ld.trc 2. STDOUT omh:authz.3:stdout:- 8 IBM Tivoli Access Manager for Operating Systems:
21 (pdosd, pdosauditd, pdoswdd, pdoslpmd pdoslrd). pdosctl -t... pdosctl -t daemon:component:subcomponent.debuglevel:where:attribute. pdosctl -t pdosd:omh:authz.3 (, ): pdosctl -t "pdosd:owc:net.1:file:/tmp/owc.log;okm:useraudit.3:file:/tmp/ \ useraudit.log" pdosctl -t pdosd:omh:authz.0. v (YYYY-MM-DD:hh:mm:ss.sss[+/-]GMT offset) v v DEBUGN (N ) v v v v v ID v. /scratch/test (T[OSSEAL]D) :36: :00I----- pdosd DEBUG2 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_fileaccess.c 154 0x e authz_fileaccess: got cred for ID 0, :36: :00I----- pdosd DEBUG2 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_fileaccess.c 159 0x e creds = 0x17cc78, cred_flags = 0x10, userauditauthmap 0x4000 2, 9
22 :36: :00I----- pdosd DEBUG1 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_api.c 156 0x e authz_callaznapi: calling AZN API with creds for user ID 0, protected object name /OSSEAL/gsosun9/File/scratch/test, operation [OSSEAL]D :36: :00I----- pdosd DEBUG1 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_api.c 185 0x e authz_callaznapi: azn_st == AZN_S_COMPLETE, AZN_C_PERMITTED, decision: GRANTED :36: :00I----- pdosd DEBUG1 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_api.c 306 0x e authz_callaznapi, authz_data_p->status= 0x0, decision 0x1D :36: :00I----- pdosd DEBUG2 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_fileaccess.c 452 0x e authz_fileaccess, err_st = 0, decision :36: :00I----- pdosd DEBUG1 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_api.c x e authz_finaldecision, authz_data_p->status = 0x0, decision 0x :36: :00I----- pdosd DEBUG1 omh authz /project/oss510/build/oss510/src/oss/azn/mh/authz_internal.c 421 0x e authz_sendr: AZN File Access MSG stats: queue length 1, queued time 0 secs, cred acq time 0 secs, processing time 0 secs..,.,. kazntrace.,.. kazntrace.. /opt/pdos/sbin kazntrace. STDOUT.,.. /opt/pdos/sbin/kazntrace > /tmp/pdostrace.out. kazntrace -A. kazntrace -D. kazntrace -z. kazntrace -s kwords.. 10 IBM Tivoli Access Manager for Operating Systems:
23 v hh:mm:ss:sss. hh, mm, ss, sss..,. v ID(PID) v. Date: Tue Jan 29 11:23: (CST) privcheck flags 0 procflags 0x1c1 effid 0 realid privcheck result 1 privuid kosseal_syscall rtn code 0, retval 0/0 cd /scratch/test. /opt/pdos/sbin/kazntrace -A -z -s 50 cd /scratch/test /opt/pdos/sbin/kazntrace > /tmp/pdostrace.out /opt/pdos/sbin/kazntrace -D -a main -s 12 -z policy policy ( 5 Policy ). syslog PAM(Pluggable Authentication Modules) syslog. syslog IBM Customer Support.. PAM (Solaris, HP-UX, Linux). 1. PAM. Solaris HP-UX /etc/pam.conf. Linux /etc/pam.d/service. pam_pdos., 0xffffffff., HP-UX auth, /etc/pam.conf login auth required/usr/lib/security/libpam_pdos.1. 2, 11
24 login auth required/usr/lib/security/libpam_pdos.1 0xffffffff 2. /etc/syslog.conf syslog., /var/pdos/lpm.dbg, /etc/syslog.conf. *.debug /var/pdos/lpm.dbg 3. syslog., /var/pdos/lpm.dbg. touch /var/pdos/lpm.dbg 4. HUP syslog syslog.conf., syslog ID 5212,. kill -HUP 5212 AIX 1. AIX policy PAM. PAM. /usr/lib/security/.pdos_debug.. PAM. 2. /etc/syslog.conf syslog. /var/pdos/lpm.dbg, /etc/syslog.conf. *.debug /var/pdos/lpm.dbg 3. syslog., /var/pdos/lpm.dbg. touch /var/pdos/lpm.dbg 4. HUP syslog syslog.conf., syslog ID 5212,. kill -HUP 5212, ( : ) IBM Tivoli Access Manager for Operating Systems:
25 .,.....,.. (pdosctl -a pdosctl -A).,.. 1. Policy(POP) policy. 4.., AuditAuth policy.. 1--/games Tivoli Access Manager for Operating Systems policy ACL, /games/solitaire.. /games policy: pdadmin> object create /OSSEAL/TEST/File/games "" 3 i yes pdadmin> acl create tight pdadmin> acl modify tight set any-other T pdadmin> acl attach modify tight set unauthenticated T pdadmin> acl attach /OSSEAL/TEST/File/games tight pdadmin> acl show tight ACL Name: tight Description: Entries: User sec_master TcmdbsvaBl Any-other T 2, 13
26 Unauthenticated T # pdosctl -a deny:on # /games/solitaire /games/solitaire : cannot execute # pdosctl -a all:off # pdosaudview -l -s now-5 Wed Jul 31 15:46:26 CDT policy. Policy Branch TEST File/games /games/solitaire ID /games/solitaire File/games policy. policy. ACL. 2--policy /tmp/notes, /bin/more. cat. /tmp/notes policy: pdadmin> object create /OSSEAL/TEST/File/tmp/notes "" 3 i yes pdadmin> acl create test pdadmin> acl modify test set any-other T[OSSEAL]rwx pdadmin> acl modify test set attribute Access-Restrictions any-other:r:/bin/more pdadmin> acl attach /OSSEAL/TEST/File/tmp/notes test # pdosctl -a deny:on # cat /tmp/notes cat: Cannot open /tmp/notes. # pdosctl -a all:off # pdosaudview -l -s now-5 Thu Aug 1 08:16:43 CDT IBM Tivoli Access Manager for Operating Systems:
27 policy Access-Restrictions. Policy Branch TEST File/tmp/notes /tmp/notes ID /usr/bin/cat 0 /tmp/notes File/tmp/notes policy. policy. 3--/sensitivedata admin policy.,., admin joe /usr/bin/vi /sensitivedata/file1. admin. policy pdadmin> object create /OSSEAL/Test/AuditAuth/Group/admin/all "" 3 i yes pdadmin> object create /OSSEAL/Test/File/sensitivedata "" 3 i yes pdadmin> acl create sdata pdadmin> acl modify sdata set group admin T[OSSEAL]DKNRUdloprwx pdadmin> acl attach /OSSEAL/Test/File/sensitivedata sdata #/usr/bin/vi sensitivedata/file1 # pdosaudview -l -s now-5 Mon Aug 1 11:51:25 CDT joe joe policy. 2, 15
28 Policy Branch Test File/sensitivedata /sensitivedata/file1 ID /usr/bin/vi 0 /sensitivedata/file1 File/sensitivedata policy.,. IBM Tivoli Access Manager for Operating Systems. pdosexempt pdosexempt policy. policy. policy.., Tivoli Access Manager for Operating Systems. pdosexempt., policy., Tivoli Access Manager for Operating Systems (,, ).,. pdosrevoke. 1. PID.,. #ps-f UID PID PPID C STIME TTY TIME CMD root :45:46 pts/2 0:00 ps -f, PID ps -f PID PID pdosexempt. # pdosexempt -i IBM Tivoli Access Manager for Operating Systems:
29 13478 Tivoli Access Manager for Operating Systems policy. 3. Tivoli Access Manager for Operating Systems,,,. 4., pdosrevoke. # pdosrevoke policy. : Tivoli Access Manager for Operating Systems /var/pdos/ffdc.,,.,. policy policy policy., policy. policy. policy. IBM Tivoli Access Manager for Operating Systems policy.. /opt/pdos/sbin/kossdump.sh,. kossdump.sh, Customer Support.. kossdump.sh [-d dump_image] [-k kernel] [-b] [-h] 2, 17
30 -d systemdump. -k, 2. -b. -h. Tivoli Access Manager for Operating Systems. kossdump.sh -b > /tmp/pdosinfo.out,. kossdump.sh > /tmp/pdosinfo.out,. kossdump.sh -d dump_path -k kernel_path > /tmp/pdosinfo.out, compress gzip. /opt/pdos/sbin ossdump.sh.. ossdump.sh [-g] [-l] [-s] [-V] [-R release/fix level]] [-k K] [-? -h].. -g Tivoli Access Manager for Operating Systems. -l. -s. -k. -K. -V Tivoli Access Manager for Operating Systems. -R Tivoli Access Manager for Operating Systems. -h. ossdump.sh. 18 IBM Tivoli Access Manager for Operating Systems:
31 v Tivoli Access Manager for Operating Systems 2 /var/pdos dir (ls -lisr) Host Lookaside v Tivoli Access Manager for Operating Systems v Uname (ps -elkf) (df) inittab v kossdump.sh -b. v kossdump.sh.. Tivoli Access Manager for Operating Systems, Tivoli Access Manager policy LDAP, /opt/pdos/sbin server_ping.sh. Tivoli Access Manager for Operating Systems.. v bassslcfg -ping Tivoli Access Manager for Operating Systems policy v SSL LDAP ldapsearch -h $LDAPHOST -b "" -s base -v objectclass=* 2, 19
32 v SSL LDAP ldapsearch -h $LDAPHOST -Z -K /var/pdos/certs/pdosd.kdb -b "" -s base -v objectclass=* 20 IBM Tivoli Access Manager for Operating Systems:
33 3. InstallShield Multiplatform InstallShield Multiplatform, Tivoli Access Manager for Operating Systems.,. /tmp/msg amosismp.log /tmp/cdwa.stdout /tmp/cdwa.stderr InstallShield Multiplatform Tivoli Access Manager for Operating Systems CD..,. IBM Tivoli Access Manager for Operating Systems. ISMP.. 23., ,. 2. HP swinstall /var/adm/sw/swinstall.log v v AIX installp smit stderr stdout ${HOME}/smit.log v v Copyright IBM Corp. 2001,
34 2. () Solaris pkgadd stderr stdout v v IBM LDAP v Linux rpm stderr stdout v v IBM LDAP v IBM Tivoli Access Manager for Operating Systems. LDAP. Solaris Sun ONE Directory Server, Sun LDAP Linux nss-ldap. /opt/pdos/ /var/pdos. IBM Tivoli Access Manager for Operating Systems. pdoscfg, pdosucfg, pdosteccfg pdostecucfg Tivoli Access Manager for Operating Systems. /var/pdos/log/msg pdoscfg.log..,. /var/pdos/log/msg pdoscfg.log.... v pdoscfg :09: :00I x357D5011 pdoscfg NOTICE ocf pdoscfg_util pdoscfg_main.c 393 0x pdoscfg. v pdosteccfg. 22 IBM Tivoli Access Manager for Operating Systems:
35 :12: :00I x357D5011 pdosteccfg NOTICE ocf pdoscfg_util pdosteccfg_main.c 318 0x pdosteccfg. v pdoscfg pdoscfg. pdoscfg :09: :00I x357D5012 pdoscfg NOTICE ocf pdoscfg_util pdoscfg_parse_cl.c 561 0x pdoscfg-ldap_ssl_cacert /certs/amosaix5/ldapcacert.b64 -branch test -suffix ou=tivoli,o=ibm,c=us v svrsslcfg :09: :00I x357D5178 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 197 0x /opt/policydirector/bin/svrsslcfg -f /opt/pdos/etc/pdosd.conf -config -d /var/pdos/certs -n pdosd -s local -P ******** -S ******** -r C /var/pdos/certs/ldapcacert.b64 -l yes. v pdoscfg. Tivoli Access Manager policy LDAP pdosd. pdosd policy Trusted Computing Base :10: :00I x357D5178 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 197 0x /opt/pdos/bin/pdosd -T. InstallShield Multiplatform InstallShield Multiplatform. v v v. InstallShield Java JVM. install_amos_platform. 3 23
36 JVM., JVM.. v v X11 Windows v JVM v Java v JVM JVM JVM.,. InstallShield Wizard Initializing InstallShield Wizard... Searching for Java(tm) Virtual Machine... Error writing file = There may not be enough temporary disk space. Try using -is:tempdir to use a temporary directory on a partition with more disk space., (/tmp /var/tmp),. install_amos_platform -is:tempdir path_to_directory X11 Windows, GUI. DISPLAY,. Can t connect to X11 window server using :0.0 as the value of the DISPLAY variable. DISPLAY X11. DISPLAY=machine.company.com:0 Tivoli Access Manager for Operating Systems InstallShield,. JVM JVM., JVM /opt/java1.3 /usr/java. JVM,. install_amos_platform -is:javahome path_to_jvm Java Java. install_amos_platform -is:javaconsole 24 IBM Tivoli Access Manager for Operating Systems:
37 JVM JVM,. install_amos_platform -is:log /tmp/log.out, Java. java -cp install_amos_setup.jar run...,. Java. "java -Dis.debug=1 -cp install_amos_setup.jar run is.debug InstallShield. InstallShield JVM. JVM, JVM., JVM. -Xmssize install_amos_platform.ja Java JVM., Tivoli Access Manager for Operating Systems.,. /tmp/msg amosismp.log /tmp/cdwa.stdout /tmp/cdwa.stderr,., ( ). install_amos_platform java -cp install_amos_setup.jar run Tivoli Access Manager for Operating Systems. 3 25
38 Tivoli Access Manager for Operating Systems.,. pdoscfg..., /var/pdos/log/msg pdoscfg.log. 1.. v. v Tivoli Access Manager. 2. Tivoli Access Manager policy. v policy. v (LDAP). v Tivoli Access Manager ID,. 3. policy. v SSL. (.arm,.b64) LDAP (.kdb). LDAP. PDMgr policy, PDMgr. 4. osseal policy. osseal policy. /opt/pdos/etc/osseal.once-only /opt/pdos/etc/osseal.per-policy /opt/pdos/etc/osseal.per-machine v LDAP. v LDAP LDAP. v / LDAP Tivoli Access Manager. LDAP. v policy 5. pdosd Trusted Computing Base. 26 IBM Tivoli Access Manager for Operating Systems:
39 v LDAP CA. v Tivoli Access Manager for Operating Systems Tivoli Access Manager. 1: Tivoli Access Manager # pdoscfg -branch Servers -suffix ou=abc,o=xyz,c=us -ldap_ssl_cacert ldapcacert.b64 AOSCF1362E Tivoli Access Manager Runtime. pd.conf. AOSCF0021E. /var/pdos/log/msg pdoscfg.log. Tivoli Access Manager. pdconfig Tivoli Access Manager, pdsocfg. 2: Tivoli Access Manager policy 1: Tivoli Access Manager policy. # pdoscfg -ldap_ssl_cacert /certs/amosaix5/ldapcacert.b64 -branch test -suffix ou=tivoli,o=ibm,c=us.... Security Master. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. AOSCF1352E Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log. AOSCF1352E pdoscfg Tivoli Access Manager policy. /var/pdos/log/msg pdoscfg.log ERROR ERROR.., :15: :00I x1354A41E pdoscfg ERROR ivc socket mtsclient.cpp x amosaix :15: :00I x357D5167 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c 905 0x ivadmin_context_createdefault :15: :00I x357D5008 pdoscfg NOTICE ocf pdoscfg_util pdoscfg_ivcommon.c x Tivoli Access Manager, 3 27
40 1354a :15: :00I x357D5548 pdoscfg ERROR ocf pdoscfg pdoscfg_ivcommon.c 913 0x AOSCF1352E Tivoli Access Manager Policy Server. Tivoli Access Manager policy. Tivoli Access Manager policy., pdadmin policy., pdoscfg. 2: (LDAP). # pdoscfg -ldap_ssl_cacert /certs/amosaix5/ldapcacert.b64 -branch test -suffix ou=tivoli,o=ibm,c=us.... Security Master. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. AOSCF1352E Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log. AOSCF1352E pdoscfg Tivoli Access Manager policy. /var/pdos/log/msg pdoscfg.log ERROR ERROR., :54: :00I x357D5008 pdoscfg NOTICE ocf pdoscfg_util pdoscfg_ivcommon.c x Tivoli Access Manager, :54: :00I x357D5548 pdoscfg ERROR ocf pdoscfg pdoscfg_ivcommon.c 913 0x AOSCF1352E Tivoli Access Manager Policy. (LDAP). LDAP pdoscfg. 3:. # pdoscfg -ldap_ssl_cacert /certs/amosaix5/ldapcacert.b64 -branch test -suffix ou=tivoli,o=ibm,c=us 28 IBM Tivoli Access Manager for Operating Systems:
41 .... dom_admin s. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. AOSCF1352E Tivoli Access Manager Policy Server. AOSCF1378E Security Master. Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log. AOSCF1352E pdoscfg Tivoli Access Manager policy. AOSCF1378E. sec_master pdoscfg, pdoscfg -admin_name Tivoli Access Manager. pdosd. 3: Tivoli Access Manager policy 1: PDMgr. # pdoscfg -ldap_ssl_cacert /certs/amosaix6/ldapcacert.b64 -branch test -suffix ou=tivoli,o=ibm,c=us.... Security Master. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server..... AOSCF1304E 1 Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server.... Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log., Tivoli Access Manager policy. /var/pdos/log/msg pdoscfg.log ERROR ERROR., :09: :00I x357D5151 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_config.c x Tivoli Access Manager Policy
42 :09: :00I x357D512E pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 186 0x pdoscfg_popen :09: :00I x357D5178 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 197 0x /opt/policydirector/bin/svrsslcfg -f /opt/pdos/etc/pdosd.conf -config -d /var/pdos/certs -n pdosd -s local -P ******** -S ******** -r C /var/pdos/certs/ldapcacert.b64 -l yes :10: :00I x357D5179 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 235 0x /opt/policydirector/bin/svrsslcfg -f /opt/pdos/etc/pdosd.conf -config -d /var/pdos/certs -n pdosd -s local -P ******** -S ******** -r C /var/pdos/certs/ldapcacert.b64 -l yes :10: :00I x357D512E pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 125 0x pdoscfg_cat_log :10: :00I x357D512E pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 272 0x pdoscfg_open_file :10: :00I x357D512F pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 285 0x pdoscfg_open_file sec_master.. pdosd.... PDMgr. PDMgr. SSL :10: :00I x357D512F pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 144 0x pdoscfg_cat_log :10: :00I x357D512F pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_common.c 240 0x pdoscfg_popen :10: :00I x357D5167 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_config.c x /opt/policydirector/bin/svrsslcfg :10: :00I x357D5518 pdoscfg ERROR ocf pdoscfg pdoscfg_config.c x Tivoli Access Manager Policy Server. PDMgr PDMgr. PDMgr Tivoli Access Manager policy. PDMgr Tivoli Access Manager /var/policydirector/log/msg pdmgrd_utf8.log. PDMgr.. 30 IBM Tivoli Access Manager for Operating Systems:
43 :02: :00I x14C0109C pdmgrd FATAL mgr general PDCertAthority.cpp 329 0x GSKKM_IssueCert() (0x ) :02: :00I x14C0109C pdmgrd FATAL mgr general config.pp 223 0x signcertificate() (0x14c0109). PDMgr stash PDMgr. policy (PDMgr)... Tivoli Access Manager policy,. 365., PDMgr... pdoscfg Tivoli Access Manager policy. 4: Tivoli Access Manager user_create 1:. # pdoscfg -ldap_ssl_cacert /certs/shade/ldapcacert.b64 -branch test -suffix ou=tiv,o=ibm,c=us.... Security Master. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server.. IBM Tivoli Access Manager for Operating Systems policy.... AOSCF1353E Tivoli Access Manager user_create. Tivoli Access Manager Policy Server
44 Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log. AOSCF1353E policy pdoscfg. var/pdos/log/msg pdoscfg.log ERROR ERROR., :00: :00I x357D5132 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c x API user_create :00: :00I x357D5133 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c x API user_create :00: :00I x357D5008 pdoscfg NOTICE ocf pdoscfg_util pdoscfg_ivcommon.c x Tivoli Access Manager,. 14c012f :00: :00I x357D512F pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c 543 0x pdoscfg_execute_ivadmin_command :00: :00I x357D5549 pdoscfg ERROR ocf pdoscfg pdoscfg_ivcommon.c 803 0x AOSCF1353E Tivoli Access Manager user_create. pdoscfg policy. (0x14c012f2).. pdoscfg. 2: LDAP # pdoscfg -ldap_ssl_cacert /certs/shade/ldapcacert.b64 -branch test -suffix ou=test,o=ibm,c=us.... Security Master. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server.. IBM Tivoli Access Manager for Operating Systems policy... AOSCF1353E Tivoli Access Manager user_create. Tivoli Access Manager Policy Server.. Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log. 32 IBM Tivoli Access Manager for Operating Systems:
45 AOSCF1353E policy pdoscfg. var/pdos/log/msg pdoscfg.log ERROR ERROR., :31: :00I x357D5132 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c x API user_create :31: :00I x357D5133 pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c x API user_create :31: :00I x357D5008 pdoscfg NOTICE ocf pdoscfg_util pdoscfg_ivcommon.c x Tivoli Access Manager, LDAP. 14c :31: :00I x357D512F pdoscfg NOTICE ocf pdoscfg_trace pdoscfg_ivcommon.c 543 0x pdoscfg_execute_ivadmin_comma nd :31: :00I x357D5549 pdoscfg ERROR ocf pdoscfg pdoscfg_ivcommon.c 803 0x AOSCF1353E Tivoli Access Manager user_create. LDAP ACL.. v Tivoli Access Manager ACL. v Tivoli Access Manager, LDAP Tivoli Access Manager ACL. ACL LDAP. IBM Tivoli Access Manager. 3. LDAP LDAP cn=securitygroup,secauthority=default cn=securitygroup,secauthority=domain name, cn=subdomains,secauthority=default cn=ivacld-servers,cn=securitygroups,secauthority=default cn=ivacld-servers,cn=securitygroups,secauthority=domain name, cn=subdomains,secauthority=default v v v 3 33
46 3. LDAP () LDAP cn=remote-acl-users,cn=securitygroups,secauthority=default cn=remote-acl-users,cn=securitygroups,secauthority=domain name, cn=subdomains,secauthority=default v v v ACL pdoscfg. 5: 1 pdosd 1: LDAP SSL CA (ldapcert.b64) Tivoli Access Manager. # pdoscfg -ldap_ssl_cacert /certs/amosaix6/ldapcacert.b64 -branch test -suffix ou=tivoli,o=ibm,c=us.... Security Master. IBM Tivoli Access Manager for Operating Systems. PDOSD. Tivoli Access Manager Policy Server. Tivoli Access Manager Policy Server.. policy.... policy. PDOSD Trusted Computing Base. AOSCF1327E 1 PDOSD. Tivoli Access Manager Policy Server.... Tivoli Access Manager Policy Server. AOSCF0021E. /var/pdos/log/msg pdoscfg.log., pdosd -T. var/pdos/log/msg pdoscfg.log ERROR ERROR., :06: :00I x357D552F pdoscfg ERROR ocf pdoscfg pdoscfg_config.c x AOSCF1327E 1 PDOSD. /opt/pdos/bin/pdosd -T IBM Tivoli Access Manager for Operating Systems:
47 :06: :00I x357E2081 pdosd ERROR ocs cas cas_int.c x AOSCS0129E Tivoli Access Manager. rc = 0x :06: :00I x357E2081 pdosd ERROR ocs cas cas_int.c x AOSCS0129E Tivoli Access Manager. rc = 0x :06: :00I x357E2089 pdosd WARNING ocs cas cas_int.c x AOSCS0137W osseal-admin. 0x357e2003: AOSCS0003W Tivoli Access Manager ( ). (pd / ocs) :06: :00I x35A530B0 pdosd ERROR osd pdosd main.c 256 0x AOSSD0176E (0x357e2003). AOSCS0003W Tivoli Access Manager ( ). (pd / ocs) AOSCS0129E (LDAP). 85 A Tivoli Access Manager for Operating Systems AOSCS0129E. Tivoli Access Manager /var/pdos/certs.. LDAP.,. ldapcacert.b64 /var/pdos/certs. ldapcacert.b64 LDAP ldapcacert.b64.. ldapcacert.b64. ldapcacert.b64 pdoscfg.,.. LDAP SSL 43 LDAP SSL CA LDAP SSL. ldapcacert.b64. check_cert /var/pdos/certs/ldapcacert.b64 client1.abc.com LDAP /var/pdos/certs/ldapcacert.b64 client1.abc.com LDAP. 3 35
48 1: Tivoli Access Manager for Operating Systems 1. client.abc.com. 2. Tivoli Access Manager client.abc.com. 3. pdosucfg client.abc.com. 4. Tivoli Access Manager. 1. client.abc.com Tivoli Access Manager. 2.. svrsslcfg -unconfig -f /dev/null -n pdosd/client.abc.com -P admin password -A admin name -o domain 3. pdoslrd,. svrsslcfg -unconfig -f /dev/null -n pdoslrd/client.abc.com -P admin password -A admin name -o domain 2: Tivoli Access Manager for Operating Systems 1. client.abc.com Tivoli Access Manager for Operating Systems Tivoli Access Manager server.abc.com. 2. server.abc.com. 3. Tivoli Access Manager for Operating Systems.. pdosucfg_local / 36 IBM Tivoli Access Manager for Operating Systems:
49 4 Tivoli Access Manager for Operating Systems.. v Tivoli Access Manager for Operating Systems. Tivoli Access Manager for Operating Systems. Tivoli Access Manager for Operating Systems pdosctl -s.. pdosd. pdoswdd. pdoslpmd. pdoslrd. pdosauditd.,.,. - pdoslpmd pdoslrd, pdosctl -s.. -. /var/pdos/daemon_name. /var/pdos/log. - ps -ef grep pdos... v Tivoli Access Manager for Operating Systems, LDAP Tivoli Access Manager for Operating Systems. ping LDAP Tivoli Access Manager policy. /opt/pdos/sbin/server_ping.sh LDAP Tivoli Access Manager policy. Copyright IBM Corp. 2001,
50 , ps LDAP Tivoli Access Manager., LDAP SSL. Tivoli Access Manager. /opt/policydirector/etc/pd.conf master-host Tivoli Access Manager policy. /var/policydirector/log/msg pdmgrd_utf8.log Tivoli Access Manager policy. policy. pdadmin> server list, policy. v. df -k. -k KB. /,. /var/pdos. :, HP Solaris (Solaris) 90. hpfs ufs. Tivoli Access Manager for Operating Systems osseal. v Tivoli Access Manager policy, (LDAP) Tivoli Access Manager for Operating Systems (7 US ASCII). SSL Tivoli Access Manager for Operating Systems SSL(Secure Sockets Layer) Tivoli Access Manager policy LDAP. SSL. Tivoli Access Manager for Operating Systems SSL CA. 38 IBM Tivoli Access Manager for Operating Systems:
51 v Tivoli Access Manager policy CA (pdcacert.b64) Tivoli Access Manager (PDRTE). Tivoli Access Manager policy, policy. policy, Tivoli Access Manager. /var/policydirector/keytab/pdcacert.b64 policy. 20. v LDAP CA (ldapcacert.b64). Tivoli Access Manager for Operating Systems. LDAP LDAP SSL.kdb. LDAP. : Tivoli Access Manager for Operating Systems LDAP SSL. SSL LDAP IBM Tivoli Access Manager. Tivoli Access Manager for Operating Systems LDAP. policy Tivoli Access Manager for Operating Systems /var/pdos/certs/pdosd.kdb. Tivoli Access Manager for Operating Systems. /var/pdos/certs/pdosd.sth., Tivoli Access Manager for Operating Systems policy policy. policy policy. v Tivoli Access Manager for Operating Systems policy /var/pdos/certs/pdosd.kdb Tivoli Access Manager policy /var/pdos/certs/pdosd.sth. 4 39
52 ,,.. v LDAP. Tivoli Access Manager for Operating Systems.. v policy, IBM Tivoli Access Manager Tivoli Access Manager. policy.. Tivoli Access Manager policy SSL. v Tivoli Access Manager policy /var/policydirector/logs/msg pdmgrd_utf8.log /. Tivoli Access Manager policy. v Tivoli Access Manager for Operating Systems /var/pdos/log/msg pdosd.log.. v pdoscfg 31 4: Tivoli Access Manager user_create. LDAP SSL. v LDAP CA. v,. LDAP. LDAP. 40 IBM Tivoli Access Manager for Operating Systems:
53 Tivoli Access Manager for Operating Systems. rc.osseal stop pdoscfg -ldap_ssl_cacert new certificate name rc.osseal start LDAP CA v Tivoli Access Manager for Operating Systems LDAP CA LDAP. v LDAP CA FTP FTP Windows UNIX, FTP ASCII. v LDAP CA LDAP SSL. 43 LDAP SSL CA LDAP SSL. v LDAP pdoscfg 29 3: Tivoli Access Manager policy. Tivoli Access Manager for Operating Systems (pdosd pdoslrd) policy. 1. Tivoli Access Manager for Operating Systems (pdosd /var/pdos/log/msg pdosd.log, pdoslrd /var/pdos/log/ msg pdoslrd.log) ( ) policy.,. 2. policy (pdmgrd) Tivoli Access Manager for Operating Systems (pdosd pdoslrd). 3.. v pdosd svrsslcfg -chgpwd -f /opt/pdos/etc/pdosd.conf -e pwd_life v pdoslrd svrsslcfg -chgpwd -f /opt/pdos/etc/pdoslrd.conf -e pwd_life 4 41
54 : pwd_life 0,,, 183. ssl ssl-pwd-life. 4.. v pdosd svrsslcfg -chgcert -f /opt/pdos/etc/pdosd.conf -n pdosd -P Tivoli Access Manager admin password v pdoslrd svrsslcfg -chgcert -f /opt/pdos/etc/pdoslrd.conf -n pdoslrd -P Tivoli Access Manager admin password : ssl ssl-cert-life. ssl-cert-life ldapcacert.b64 gsk7cmd ikeyman IBM Tivoli Access Manager GSKit ikeyman. ldapcacert.b64. ldapcacert.b64. (.kdb).kdb.. #!/bin/sh # Usage: prog_name <cert file name> # Example: prog_name /var/pdos/certs/ldapcacert.b64 export JAVA_HOME=/usr/java131 gsk7cmd -keydb -create -db /tmp/temp.kdb -stash -pw temp -type cms -expire 365 gsk7cmd -cert -add -db /tmp/temp.kdb -pw temp -label temp -file $1 gsk7cmd -cert -details -db /tmp/temp.kdb -pw temp -label temp awk /^Valid/ {print; } rm /tmp/temp.kdb tmp/temp.sth /tmp/temp.crl /tmp/temp.rdb Valid From: Mon Feb 04 12:49:37 CST 2002 To: Mon Nov 01 12:49:37 CST IBM Tivoli Access Manager for Operating Systems:
55 , ( :,.) LDAP SSL CA LDAP SSL gsk7cmd ikeyman IBM Tivoli Access Manager GSKit ikeyman. LDAP LDAP ldapsearch SSL LDAP. TEST SSL Connection to LDAP server using LDAP SSL CA certificate #!/bin/ksh # Usage: check_cert cert_file ldap hostname /dev/null 2>/dev/null #For Example: # check_cert /var/pdos/certs/ldapcacert.b64 machine.abc.com export JAVA_HOME=/usr/jdk_base CERT_FILE=$1 LDAP_Host=$2 #Creates a Key Database File echo "Creating a temporary key database file" gsk7cmd -keydb -create -db /tmp/temp.kdb -stash -pw temp -type cms -expire 365 #Add the certificate to the Key Datbase File echo "Adding the certificate to the key database file" gsk7cmd -cert -add -db /tmp/temp.kdb -pw temp -label temp -file $CERT_FILE #Do a ldapsearch using the key database file echo "Connect to the LDAP server using the created key database file" ldapsearch -h $LDAP_HOST -Z -K /tmp/temp.kdb -b "" -s base -v objectclass=* 1>/dev/null/ 2>/dev/null case $? in 0) echo "OK" ;; *) echo "FAILED" ;; esac rm /tmp/temp.kdb /tmp/temp.sth /tmp/temp.crl /tmp/temp.rdb policy policy policy pdmgrd SSL pdosd. policy, pdosd pdmgrd., SSL 90. ssl-io-inactivity-timeout pdmgrd pdosd.,. policy ivmgrd.conf 4 43
56 ssl ssl-io-inactivity-timeout. 0.. policy 120 msg pdosd.log :15: :00I x pdosd NOTICE idb download db_replicated_client.cpp 420 0x HPDDB1057I Received update notification :15: :00I x pdosd NOTICE idb download dalocalpolicy.cpp 483 0x HPDDB1056I Rebuilding local database replica :17: :00I x3591C002 pdosd NOTICE okm general kpcmgr.c 705 0x AOSKM0002I Finished updating policy (version number = ) :17: :00I x pdosd NOTICE idb download db_replicated_client.cpp 448 0x HPDDB1058I Handled update notification :17: :00I x106520F9 pdosd FATAL bas mts mtssecuresocket.cpp 319 0x HPDBA0249E A GSKIT API failed. gsk_secure_soc_write() return (406). policy ivmgrd.conf ssl-io-inactivity-timeout 120 policy. /opt/policydirector/etc/ivmgrd.conf [ssl] ssl-io-inactivity-timeout = 120 pdosexempt pdosexempt policy. policy. 1:., Tivoli Access Manager for Operating Systems. pdosexempt., policy., Tivoli Access Manager for Operating Systems (,, ).,. pdosrevoke. 1. PID.,. #ps-f UID PID PPID C STIME TTY TIME CMD root :45:46 pts/2 0:00 ps -f 44 IBM Tivoli Access Manager for Operating Systems:
57 , PID ps -f PID PID pdosexempt. # pdosexempt -i Tivoli Access Manager for Operating Systems policy. 3. Tivoli Access Manager for Operating Systems ( : ),,. 4., pdosrevoke. # pdosrevoke policy. : Tivoli Access Manager for Operating Systems (,, (Tivoli Access Manager, pdacld)).. pdoslrd. Tivoli Access Manager for Operating Systems ( ),, (, ).. /opt/pdos/etc/pdoslrd.xml. pdoslrd. Tivoli Access Manager for Operating Systems pdacld. pdoscollview. : Tivoli Access Manager for Operating Systems Tivoli Access Manager pdacld pdoscollview.,. 4 45
58 pdoslrd IBM Tivoli Access Manager for Operating Systems 4. pdacld IBM Tivoli Access Manager. pdoslrd. /opt/pdos/etc/pdoslrd.xml (on)., (off). UTF-8. UTF-8.,. en_us, ASCII. pdoslradm., AOSLR :31: :00I x A pdoslrd ERROR olr general mflr_config.cpp x AOSLR0058E Control file error: parse error at line 9 and column 5. /var/pdos/tracelogs/trace pdoslrd.log., :31: :00I----- pdoslrd DEBUG1 olr general /data/oss510/src/oss/mflr/common/mflr_config.cpp x [MFLR_Config::Read] ERROR: An error occurred while parsing the file /opt/pdos/etc/pdoslrd.xml at line 9 and column 5 Unterminated start tag, Channel SSL pdacld Tivoli Access Manager for Operating Systems, /var/pdos/certs/pdoslrd.kdb. Tivoli Access Manager for Operating Systems. /var/pdos/certs/ pdoslrd.sth., IBM Tivoli Access Manager for Operating Systems:
59 pdacld. Tivoli Access Manager for Operating Systems policy /var/pdos/certs/pdoslrd.kdb pdacld /var/pdos/certs/pdoslrd.sth.,,. 40. IBM Tivoli Access Manager Tivoli Access Manager., /var/pdos/log/ msg pdoslrd.log HPDBA022E.. pdacld :20: :00I x106520E pdoslrd FATAL bas mts mtsclient.cpp x d HPDBA0222E The TCP/IP host information could not be determined from the server hostname. Ensure that the server hostname is correct. pdoslrd pdacld Tivoli Access Manager policy pdoslrd pdacld Tivoli Access Manager., pdacld... pdoslrd pdacld, pdoslrd /opt/pdos/etc/pdoslrd.conf ssl-local-domain, pdacld /opt/policydirector/etc/ivacld.conf [ssl] ssl-local-domain., pdoslrd. ( pdoslrd.) 4 47
60 v pdoslrd. -lrd_admin pdoslrd Tivoli Access Manager. # pdoscfg -lrd_config off -lrd_admin_name admin_name -lrd_admin_ admin_pwd v pdoslrd. -lrd_admin Tivoli Access Manager. # pdoscfg -lrd_config on -lrd_admin_name admin_name -lrd_admin_pwd \ admin_pwd -lrd_local_domain domain_name : pdosd pdoslrd Tivoli Access Manager,.. LRD_NetOutput pdoslrd LRD_NetOutput /opt/policydirector/etc/ ivacld.conf [aznapi-configuration] logcfg=remote.channel....,..,., /var/pdos/log/msg pdoslrd.log.. AOSLR0081E :25: :00I x pdoslrd ERROR olr general mflr_writer_ .cpp 139 0x AOSLR0081E Unable to connect to the mail server. :,. LRD_ Output LRD_FileOutput IBM Tivoli Access Manager for Operating Systems:
61 ,.. LRD_ Output (on).. Tivoli Access Manager, Tivoli Access Manager LDAP IBM Tivoli Access Manager Performance Tuning Guide. () TCP/IP pdoscfg. -net_acl_limited policy IBM Tivoli Access Manager for Operating Systems 4. in-kernel (NetIncoming NetOutgoing) policy. policy.,,. Tivoli Access Manager Base. Tivoli Access Manager for Operating Systems, ACL R.,. ACL R. 1. Tivoli Access Manager for Operating Systems policy. /opt/pdos/sbin/policyview -o /tmp/extract -p admin_password 2. ACL policy. grep "acl modify" /tmp/extract.cmd grep -v "attribute" > /tmp/acl_mod.cmd 3. policy R. awk {print $0 "[primary]r"} /tmp/acl_mod.cmd > /tmp/extract.cmd 4 49
62 4. /tmp/extract.cmd. ACL R, /tmp/extract.cmd. acl modify example set any-other TR[OSSEAL]rwx[primary]R 5. Policy. pdadmin -a admin_name -p admin_password -d domain /tmp/extract.cmd AIX AIX SMP Tivoli Access Manager for Operating Systems (, policy, ), pdosd. * AIXTHREAD_SCOPE=S. v Tivoli Access Manager for Operating Systems,.,. export AIXTHREAD_SCOPE=S rc.osseal start unset AIXTHREAD_SCOPE v rc.osseal start.,. AIXTHREAD_SCOPE=S rc.osseal start v AIX SMP /opt/pdos/bin/rc.osseal Start(). export AIXTHREAD_SCOPE=S PDOSD. 50 IBM Tivoli Access Manager for Operating Systems:
63 5 policy policy,,. policy Tivoli Access Manager for Operating Systems ( pdoslpmd ).. PAM(Pluggable Authentication Module) Solaris, HP-UX Linux PAM. Solaris HP-UX, PAM /etc/pam.conf. Linux, PAM PAM /etc/pam.d/service. PAM,. Tivoli Access Manager for Operating Systems. (pam_sm_authenticate). (pam_sm_acct_mgmt). (pam_sm_open_session). (pam_sm_chauthtok). Solaris HP-UX pam.conf. service_name module_type control_flag module_path options service_name PAM (rlogin login). module_type,,. ( ),. Copyright IBM Corp. 2001,
64 Linux PAM Solaris HP-UX pam.conf, service_name. service_name. PAM, pdoscfg service_name/module_type PAM. Tivoli Access Manager for Operating Systems.. v Solaris pam_pdos.so.1, /usr/lib/security. v HP-UX libpam_pdos.1, /usr/lib/security. v Linux pam_pdos.so.1, /lib/security. PAM syslog. 11 policy. AIX AIX Tivoli Access Manager for Operating Systems (PDOS, PDOS2 PDOSPW). policy. v PDOS( ). policy. policy. v PDOS2( ) /.. Tivoli Access Manager for Operating Systems policy (,, ) v PDOSPW( ).. pdoscfg /etc/security/user /usr/lib/security/ methods.cfg. /etc/security/user SYSTEM "PDOS and" "and PDOS2"., SYSTEM = "compat" 52 IBM Tivoli Access Manager for Operating Systems:
65 . SYSTEM = "PDOS and compat and PDOS2" PDOSPW. pwdchecks = /usr/lib/security/pdospw /usr/lib/security/methods.cfg PDOS PDOS2. v PDOS: program = /usr/lib/security/pdos v PDOS2: program = /usr/lib/security/pdos2 AIX syslog. 11 policy. pdoslpmd pdoslpmd policy. pdoslpmd policy. pdoslpmd /opt/pdos/bin. pdoslpmd. pdosctl -t pdoslpmd:olp:*.9 11 policy. policy Tivoli Access Manager for Operating Systems policy policy..,. 1. Tivoli Access Manager for Operating Systems? v policy pdosd pdoslpmd. v pdosd. pdosctl -s pdosd v pdoslpmd. pdosctl -s pdoslpmd v pdosd pdoslpmd. 5 policy 53
66 rc.osseal start 2.? /opt/pdos/etc/lpm. conf policy. lpm.conf,. v pdosd policy policy. /var/pdos/log/msg pdosd.log. v Tivoli Access Manager for Operating Systems policy. v /var/pdos/log/msg pdosd.log policy. (3 ). 3. Tivoli Access Manager policy? v policy / policy., /opt/pdos/etc/lpm.conf. v, Tivoli Access Manager Password- Login-., MaxFailedLogins lpm.conf, Tivoli Access Manager policy Login-MaxFailedLogins. v Tivoli Access Manager policy,.,.,. 4.? v policy,. policy. policy policy. /OSSEAL/branch/Login/UserExceptions/username policy policy. /OSSEAL/branch/Password/UserExceptions/username 54 IBM Tivoli Access Manager for Operating Systems:
67 Tivoli Access Manager for Operating Systems policy., pdoslpadm -r -f userid. pdoslpadm. pdoslpadm IBM Tivoli Access Manager for Operating Systems. Tivoli Access Manager for Operating Systems pdosctl -a deny:on -a logindeny:on 2.. pdosaudview -w deny -l -g Login 3.. pdosaudview -w deny -l -g Password policy Tivoli Access Manager for Operating Systems, Tivoli Access Manager for Operating Systems., IBM Tivoli Access Manager for Operating Systems 4,. policy Tivoli Access Manager for Operating Systems, Tivoli Access Manager for Operating Systems.., AIX /usr/lib/security/methods.cfg,. PAM(Pluggable Authentication Module) UNIX PAM, policy., Tivoli Access Manager for Operating Systems., policy Tivoli Access Manager for Operating Systems. 5 policy 55
68 1. policy. pdoscfg -login_policy off 2. policy. pdoscfg -login_policy on AIX., Tivoli Access Manager for Operating Systems policy Tivoli Access Manager for Operating Systems. 1. CD /usr/lib/security/methods.cfg PDOS PDOS2. 4. /etc/security/user PDOS, PDOS2 PDOSPW. v Change: SYSTEM = "PDOS and compat and PDOS2" To: SYSTEM = "compat" v Change: pwdchecks = /usr/lib/security/pdospw To: pwdchecks = AMOS policy. pdoscfg -login_policy off 7. AMOS policy. pdoscfg -login_policy on init Kosseal not avail, rc Tivoli Access Manager for Operating Systems policy Kosseal. login_policy on autostart off,. init Kosseal not avail, rc Kosseal policy. Tivoli Access Manager for Operating Systems. syslog. Syslog, /etc/syslog.conf 56 IBM Tivoli Access Manager for Operating Systems:
69 ., Solaris auth.notice /etc/syslog.conf change: auth.notice /dev/sysmsg. to: auth.notice /var/log/authlog PAM Tivoli Access Manager for Operating Systems PAM. PAM. v Tivoli Access Manager for Operating Systems PAM required. requisite sufficient, Tivoli Access Manager for Operating Systems policy. v Tivoli Access Manager for Operating Systems PAM_AUTHTOK PAM_OLDAUTHTOK PAM. policy Tivoli Access Manager for Operating Systems. v pdoscfg policy, PAM filename.pdos.sav. policy. policy,., filename.pdos.sav., Tivoli Access Manager for Operating Systems filename.pdos.sav. 5 policy 57
70 58 IBM Tivoli Access Manager for Operating Systems:
71 6 policy. policy.. policy., Tivoli Access Manager for Operating Systems Tivoli Access Manager for Operating Systems , policy.. v.,.,. v. pdoswhoami -l.. v. pdoswhois -l pid ID. v policy. Tivoli Access Manager policy policy. pdadmin /opt/pdos/sbin/policyview ACL ( policy). policy. v policy. /var/pdos/log/msg pdosd.log policy. policy. Copyright IBM Corp. 2001,
72 policy, policy Tivoli Access Manager policy. policy (/var/policydirector/db/master_authzn.db) (/var/pdos/azn/authzn_replica.db ). ( : cksum). Tivoli Access Manager for Operating Systems /opt/policydirector/sbin/pdacld_dump policy /var/pdos/azn/authzn_replica.db /var/pdos/log/msg pdosd.log. pdacld_dump policy. /opt/policydirector/sbin/pdacld_dump -f master_authzn.db -s. Summary for master_authzn.db Dumped 4620 of 4620 objects. DB Sequence number :33121 DB SSL Sequence number :1062 FrequenceCount vs ObjectType vs BasePrefix summary 971:1281:/auth/pobject-map invalid objects were encountered. /var/policydirector/db/ /var/pdos/log/msg pdosd.log policy :01: :00I x3591C002 pdosd NOTICE okm general kpcmgr.c 617 0x AOSKM0002I policy ( = 33121) policy policy, policy. pdadmin> server replicate -server pdosd-hostname, policy. /var/policydirector/log/msg pdmgrd_utf8.log Tivoli Access Manager policy. policy. pdadmin> server list, policy. 60 IBM Tivoli Access Manager for Operating Systems:
IBM Tivoli Access Manager for Operating Systems 5.1 SA
IBM Tivoli Access Manager for Operating Systems 5.1 SA30-1840-01 IBM Tivoli Access Manager for Operating Systems 5.1 SA30-1840-01 ! 353 E. (2003 11 ), IBM Tivoli Access Manager for Operating Systems 5,
More informationAPI Gateway Version September Authentication and Authorization Integration Guide
API Gateway Version 7.5.2 15 September 2017 Authentication and Authorization Integration Guide Copyright 2017 Axway All rights reserved. This documentation describes the following Axway software: Axway
More informationIBM Tivoli Storage Area Network Manager
IBM Tivoli Storage Area Network Manager 1 1 SA30-1688-00 IBM Tivoli Storage Area Network Manager 1 1 SA30-1688-00 ! 131 D. (2002 10 ) IBM Tivoli Storage Area Network Manager 1 1 0( 5698-SRE 5698-SRS)...
More informationetrust SiteMinder Agent r5.5 for BEA WebLogic 9.0 etrust SiteMinder Agent for BEA WebLogic Guide
etrust SiteMinder Agent r5.5 for BEA WebLogic 9.0 etrust SiteMinder Agent for BEA WebLogic Guide This documentation (the Documentation ) and related computer software program (the Software ) (hereinafter
More informationTivoli Inventory 3.6.2
Tivoli Inventory 3.6.2 Tivoli Inventory 3.6.2 Tivoli Inventory (1999 11 ) Copyright 1999 by Tivoli Systems, an IBM Company, including this documentation and all software. All rights reserved. Tivoli Systems
More informationRSA SecurID Ready Implementation Guide
RSA SecurID Ready Implementation Guide Last Modified Thursday, May 08, 2003 1. Partner Information Partner Name Web Site Product Name Version & Platform Product Description Product Category Netegrity,
More informationIBM Tivoli Privacy Manager for e-business 1.2 SA
IBM Tivoli Privacy Manager for e-business 1.2 SA30-2149-00 IBM Tivoli Privacy Manager for e-business 1.2 SA30-2149-00 !, 111 B. (2003 9 ), IBM Tivoli Privacy Manager 1.2(5724-C07). Copyright International
More informationetrust SiteMinder Connector for Oracle Solutions Architecture, Installation and Configuration Guide For UNIX Version 1.6 (Rev 1.
etrust SiteMinder Connector for Oracle Solutions Architecture, Installation and Configuration Guide For UNIX Version 1.6 (Rev 1.1) October 2006 CA Inc. Solution Engineering Team 100 Staples Drive Framingham,
More informationCA SiteMinder. Agent for JBoss Guide SP1
CA SiteMinder Agent for JBoss Guide 12.52 SP1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your
More informationOTP SERVER NETEGRITY SITEMINDER 6. Rev 1.0 INTEGRATION MODULE. Copyright, NordicEdge, 2005 O T P S E R V E R I N T E G R A T I O N M O D U L E
OTP SERVER INTEGRATION MODULE NETEGRITY SITEMINDER 6 Copyright, NordicEdge, 2005 www.nordicedge.se Copyright, 2005, NordicEdge AB Page 1 of 11 1 Introduction 1.1 OTP Server Overview Nordic Edge OTP Server
More informationEMC Unisphere 360 for VMAX
EMC Unisphere 360 for VMAX Version 8.4.0 Installation Guide REV 01 Copyright 2014-2017 EMC Corporation All rights reserved. Published May 2017 Dell believes the information in this publication is accurate
More informationetrust SiteMinder Agent r6.0 for IBM WebSphere
etrust SiteMinder Agent r6.0 for IBM WebSphere SiteMinder Agent for IBM WebSphere Guide r6.0 This documentation (the Documentation ) and related computer software program (the Software ) (hereinafter collectively
More informationEMC Unisphere 360 for VMAX
EMC Unisphere 360 for VMAX Version 8.3.0 Installation Guide REV 01 Copyright 2014-2016 EMC Corporation. All rights reserved. Published in the USA. Published September 2016 EMC believes the information
More informationDell EMC Unisphere 360
Dell EMC Unisphere 360 Version 9.0.1 Installation Guide REV 02 Copyright 2014-2018 Dell Inc. or its subsidiaries. All rights reserved. Published October 2018 Dell believes the information in this publication
More informationCA SiteMinder. Agent for JBoss Guide. r12.1 SP3. Third Edition
CA SiteMinder Agent for JBoss Guide r12.1 SP3 Third Edition This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationEMC Unisphere 360 for VMAX
EMC Unisphere 360 for VMAX Version 8.4.0 Online Help (PDF version) Copyright 2016-2017 EMC Corporation All rights reserved. Published May 2017 Dell believes the information in this publication is accurate
More informationKB 2449 CA Wily APM security example: CA SiteMinder for authentication with CA EEM for authorization
This article describes how you can perform a CA SiteMinder basic set up and configuration to provide CA Wily APM authentication before deploying CA EEM for. This example describes these tasks: Configure
More informationConfiguring a Secure Access etrust SiteMinder Server Instance (NSM Procedure)
Configuring a Secure Access etrust SiteMinder Server Instance (NSM Procedure) Within the Secure Access device, a SiteMinder instance is a set of configuration settings that defines how the Secure Access
More informationCA SiteMinder. Agent for JBoss Guide 12.51
CA SiteMinder Agent for JBoss Guide 12.51 This Documentation, which includes embedded help systems and electronically distributed materials (hereinafter referred to as the Documentation ), is for your
More informationCisco CMX Cloud Proxy Configuration Guide
Cisco CMX Cloud Proxy Configuration Guide Overview Welcome to Cisco Connected Mobility Experiences (CMX) in the cloud. CMX Cloud is essentially running the CMX software in a Cisco supported and maintained
More informationHow to Integrate CA SiteMinder with the Barracuda Web Application Firewall
How to Integrate CA SiteMinder with the Barracuda Web Application Firewall Overview CA/Netegrity SiteMinder provides an infrastructure for centralized and secure policy management of websites. It uniquely
More informationLast Updated: July 04 th, 2014.Changes from the previous version are in green. SITEMINDER ,29 PLATFORM SUPPORT 1. Policy Server 11,
Last Updated: July 04 th, 2014.Changes from the previous version are in green. SITEMINDER 6.0 22,29 PLATFORM SUPPORT 1. Policy Server 11, 28... 2 2. 31-bit/32-bit Web Agents11, 25... 2 3. SAML Affiliate
More informationCA SiteMinder Web Services Security
CA SiteMinder Web Services Security WSS Agent for IBM WebSphere Guide 12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as
More informationVideo Media Center - VMC 1000 Getting Started Guide
Video Media Center - VMC 1000 Getting Started Guide Video Media Center - VMC 1000 Getting Started Guide Trademark Information Polycom, the Polycom logo design, Video Media Center, and RSS 2000 are registered
More informationSetup and Configure the Siteminder Policy Store with Dxmanager
One CA Plaza Islandia, NY 11749 T +1 631 342 6000 F +1 631 342 6800 ca.com June 20, 2013 Customer Request Number: N/A System/Application: Policy Server Module: Siteminder Policy Store with DXmanager Request
More informationIBM Tivoli Storage Manager Version Configuring an IBM Tivoli Storage Manager cluster with IBM Tivoli System Automation for Multiplatforms
IBM Tivoli Storage Manager Version 7.1.1 Configuring an IBM Tivoli Storage Manager cluster with IBM Tivoli System Automation for Multiplatforms IBM Tivoli Storage Manager Version 7.1.1 Configuring an
More informationIBM Tivoli Monitoring for Databases GA
IBM Tivoli Monitoring for Databases 5.1.0 GA30-1741-00 IBM Tivoli Monitoring for Databases 5.1.0 GA30-1741-00 !, 165 F. (2002 9 ), IBM Tivoli Monitoring for Databases 5.1.0. Copyright International Business
More informationIBM Tivoli!"!"#$%&'() IBM!"#$%&'()*+,
IBM Tivoli #$%&'() IBM #$%&'()*+, Contents... 2 #... 3 #$%&'()*+,-.... 5 #$%&'()*... 6 IBM #$%&'... 7!... 7!... 8!... 9!...10...10 #$...11 IBM Tivoli Identity Managery(#)... 11 IBM Tivoli Access Manager
More informationTivoli/Plus for ADSM 1.0
Tivoli/Plus for ADSM 1.0 8 Tivoli/Plus for??? Release Notes Tivoli/Plus for ADSM 1.0 System Requirements The Tivoli/Plus for ADSM module provides management of the ADSM version 1.2 server application and
More informationCA SiteMinder Federation Standalone
CA SiteMinder Federation Standalone Installation and Upgrade Guide r12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as
More informationIBM Tivoli Monitoring for Messaging and Collaboration GA
IBM Tivoli Monitoring for Messaging and Collaboration 5.1.0 GA30-1685-00 IBM Tivoli Monitoring for Messaging and Collaboration 5.1.0 GA30-1685-00 !, 147 F. (2002 9 ) IBM Tivoli Monitoring for Messaging
More informationBonita Workflow. Getting Started BONITA WORKFLOW
Bonita Workflow Getting Started BONITA WORKFLOW Bonita Workflow Getting Started Bonita Workflow v3.0 Software January 2007 Copyright Bull SAS Table of Contents Chapter 1. New Features for Workflow...1
More informationPSS MVS 7.15 announcement
PSS MVS 7.15 announcement New Mainframe Software Print SubSystem MVS 7.15 AFP printing and AFP2PDF conversion Version 7.15 Bar Code + PDF Update with additional features and fixes 2880 Bagsvaerd Tel.:
More informationInteracting with HDFS
HADOOP Interacting with HDFS For University Program on Apache Hadoop & Apache Apex 1 2 What's the Need? Big data Ocean Expensive hardware Frequent Failures and Difficult recovery Scaling up with more machines
More informationEMC Unisphere for VMAX
EMC Unisphere for VMAX Version 8.4.0 Installation Guide REV 01 Copyright 2014-2017 EMC Corporation All rights reserved. Published May 2017 Dell believes the information in this publication is accurate
More informationReport for Jan-Nov-2006 pdf. General Statistics
Report for Jan-Nov-006 pdf Time range: /8/006 07:3:37 - /3/006 3:50:6 Generated on Mon Jan 0, 007-9:3:5 General Statistics Summary Summary Hits Total Hits 97,06 Average Hits per Day 89 Average Hits per
More informationHow To Set Up and Use the SAP ME Earned Standards Feature
SAP Manufacturing Execution How-To Guide How To Set Up and Use the SAP ME s Feature Applicable Release: ME 6.0 Version 1.0 June 4, 2012 Copyright 2012 SAP AG. All rights reserved. No part of this publication
More informationCA SiteMinder Web Services Security
CA SiteMinder Web Services Security WSS Agent Guide for iplanet Web Servers 12.52 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred
More informationCruisePay Enhancements for 2005 Training Guide Version 1.0
CruisePay Enhancements for 2005 Training Guide Version 1.0 Royal Caribbean Cruises Ltd. 2004 i 9/8/2005 Table of Content: 1 Overview 1 1.1 Purpose: 2 1.2 Assumptions: 2 1.3 Definitions: 2 2 Web Application
More informationPSS VM 7.15 announcement
PSS VM 7.15 announcement New Mainframe Software Print SubSystem VM 7.15 AFP printing to PCL and PostScript Version 7.15 Bar Code Update with additional features and fixes 2880 Bagsvaerd Tel.: +45 4436
More informationFirewall Network and Proxy Datasheet
Firewall Network and Proxy Datasheet This document lists information about Kontiki servers that you might need for configuring firewalls and proxy servers. As Kontiki selects vendors and expands services,
More informationIntegrating CA (formerly Netegrity) SiteMinder 6.0 with IBM Lotus Connections 2.0
Integrating CA (formerly Netegrity) SiteMinder 6.0 with IBM Lotus Connections 2.0 Xin BJ Xu IBM Software Group, WPLC Beijing, China Xiao Feng Yu IBM Software Group, WPLC Staff Software Engineer Shanghai,
More informationMyTraveler User s Manual
MyTraveler User s Manual MyTraveler is the DataTraveler Elite tool that enables you to access and customize your DataTraveler Elite through the MyTraveler Console. Messages and prompts guide you through
More informationMYOB EXO OnTheGo. Release Notes 1.2
MYOB EXO OnTheGo Release Notes 1.2 Contents Introduction 1 What s New in this Release?... 1 Installation 2 Pre-Install Requirements... 2 Installing the EXO API... 2 Installing EXO OnTheGo... 2 New Features
More informationInstallation Guide. Unisphere Central. Installation. Release number REV 07. October, 2015
Unisphere Central Release number 4.0 Installation 300-013-602 REV 07 October, 2015 Introduction... 2 Environment and system requirements... 2 Network planning...4 Download Unisphere Central...6 Deploy
More informationFOR SMALL AND MEDIUM SIZED AIRPORTS Velocity FIDS
is a FIDS solution for small and medium sized airports. It is available as an installed and as a cloud solution and it is multi airport solution. The package contains many use full features like a flight
More informationPunt Policing and Monitoring
Punt Policing and Monitoring Punt policing protects the Route Processor (RP) from having to process noncritical traffic, which increases the CPU bandwidth available to critical traffic. Traffic is placed
More informationThe LINK2000+ Test Facility Presentation. Eurocontrol LINK Programme
The LINK2000+ Test Facility Presentation Eurocontrol LINK 2000+ Programme October 2004 TABLE OF CONTENTS The Test Facility objectives...2 The Test Facility description...2 ATN routers...2 Air and Ground
More informationLab: ARM Assembly Shellcode
Lab: ARM Assembly Shellcode From Zero to ARM Assembly Bind Shellcode HITBSecConf2018 - Amsterdam 1 Learning Objectives ARM assembly basics Registers Most common instructions ARM vs. Thumb Load and Store
More informationFliteStar USER S GUIDE
FliteStar USER S GUIDE 2003 Jeppesen Sanderson, Inc. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted,
More informationIncorporates passenger management, fleet management and revenue/cost reporting
1 Web based business system providing comprehensive functionality for domestic and international airline operations Incorporates passenger management, fleet management and revenue/cost reporting Comprehensive
More informationBy Prabath Siriwardena, WSO2
By Prabath Siriwardena, WSO2 Why OpenID??? Too many passwords Duplicated profiles everywhere Oops..!!! My favorite user name GONE!!! Why OpenID??? OpenID solves them all!!! Single user name/password Single
More informationInHotel. Installation Guide Release version 1.5.0
InHotel Installation Guide Release version 1.5.0 Contents Contents... 2 Revision History... 4 Introduction... 5 Glossary of Terms... 6 Licensing... 7 Requirements... 8 Licensing the application... 8 60
More informationIBM Tivoli Storage Area Network Manager
IBM Tivoli Storage Area Network Manager 1 3 SA30-1807-02 IBM Tivoli Storage Area Network Manager 1 3 SA30-1807-02 !, 47 3 (2003 12 ), IBM Tivoli Storage Area Network Manager( 5698-SRE 5698-SRS) 1, 3 (
More informationDART. Duty & Recreation Travel STAFF TRAVEL SIMPLIFIED. Straightforward, easy to use staff travel management system for the airline industry
DART Duty & Recreation Travel STAFF TRAVEL SIMPLIFIED. Straightforward, easy to use staff travel management system for the airline industry DART Duty & Recreation Travel 2 STAFF TRAVEL COULDN T GET EASIER
More informationLab: ARM Assembly Shellcode
Lab: ARM Assembly Shellcode From Zero to ARM Assembly Bind Shellcode HITBSecConf2018 - Amsterdam 1 Learning Objectives ARM assembly basics Registers Most common instructions ARM vs. Thumb Load and Store
More informationINTERNATIONAL CIVIL AVIATION ORGANIZATION AFI REGION AIM IMPLEMENTATION TASK FORCE. (Dakar, Senegal, 20 22nd July 2011)
IP-5 INTERNATIONAL CIVIL AVIATION ORGANIZATION AFI REGION AIM IMPLEMENTATION TASK FORCE (Dakar, Senegal, 20 22nd July 2011) Agenda item: Presented by: Implementation of a African Regional Centralised Aeronautical
More informationRelease Notes Business Rules Version 10x Up to Spring 2019 Release for SIBR/BSAP/RC-BSAP
Release Notes Business Rules Version 10x Up to Spring 2019 Release for SIBR/BSAP/RC-BSAP Revision History Date Version By Description 11/27/2018 1.0 WT Initial Draft for Spring 2019 set. RC Base Schedule
More informationICTAP Program. Interoperable Communications Technical Assistance Program. Communication Assets Survey and Mapping (CASM) Tool Short Introduction
ICTAP Program Interoperable Communications Technical Assistance Program Communication Assets Survey and Mapping (CASM) Tool Short Introduction Outline Overview General Information Purpose Security Usage
More informationCASS & Airline User Manual
CASSLink AWB Stock Management System CASS & Airline User Manual Version 2.11 (for CASSLink Version 2.11) Version 2.11 1/29 March 2009 CASSLink Stock Management Table of Contents Introduction... 3 1. Initialising
More informationSoftware withdrawal and service discontinuance: IBM Tivoli and IBM Security selected products
IBM United States Withdrawal Announcement 912-188, dated September 11, 2012 Software withdrawal and service discontinuance: IBM Tivoli and IBM Security selected products Table of contents 1 Overview 5
More informationCircular No. : NCDEX/TECHNOLOGY-027/2013/322 Date : October 23, 2013 Subject : Mock Trading Session for Spread day orders through Tradex Version 3.1.
NATIONAL COMMODITY & DERIVATIVES EXCHANGE LIMITED Circular to all Trading and Clearing members of the Exchange Circular No. : NCDEX/TECHNOLOGY-027/2013/322 Date : October 23, 2013 Subject : Mock Trading
More informationWOS Agent Portal Introduction Aug 2014
Contact WOS Agent Portal Introduction Quality Assurance & Training Department AUG 2014 E-mail portal_support@cpsl.com.hk Service Desk Tel : 2767 9838 (24 hours) Agent Portal Support Team Tel : 2767 9750
More informationService discontinuance and software withdrawal: IBM Tivoli selected products Replacements available
Withdrawal Announcement September 12, 2006 Service discontinuance and software withdrawal: IBM Tivoli selected products Replacements available Overview IBM is withdrawing support for selected releases
More informationUM1868. The BlueNRG and BlueNRG-MS information register (IFR) User manual. Introduction
User manual The BlueNRG and BlueNRG-MS information register (IFR) Introduction This user manual describes the information register (IFR) of the BlueNRG and BlueNRG-MS devices and provides related programming
More informationComfort Pro A Hotel. User Manual
Comfort Pro A Hotel User Manual Contents ComfortPro A Hotel 5 Software Features............................................................6 Scope of Delivery.............................................................7
More informationMARKETO INTEGRATION GUIDE
MARKETO INTEGRATION GUIDE VERSION 1.2 JANUARY 2016 DOCUMENT PURPOSE This purpose of this document is to guide clients through the process of integrating Marketo and the WorkCast Platform. DOCUMENT CONTROL
More informationPreliminary Staff User s Manual. CASSi The Computerized Aircraft Scheduling System Rev. 1.28a. February 10, 2001
CASSi The Computerized Aircraft Scheduling System Rev. 1.28a February 10, 2001 Page 1 of 37 June 25, 2000 Introduction CASSi is the Computerized Aircraft Scheduling System, an Internet based system that
More informationConcur Travel: Post Ticket Change Using Sabre Automated Exchanges
Concur Travel: Post Ticket Change Using Sabre Automated Exchanges Travel Service Guide Applies to Concur Travel: Professional/Premium edition TMC Partners Direct Customers Standard edition TMC Partners
More informationConcur Travel: User Supplied Hotels
Concur Travel: User Supplied Hotels Travel Service Guide Applies to Concur Travel: Professional/Premium edition TMC Partners Direct Customers Standard edition TMC Partners Direct Customers Contents User
More informationImplementing OpenID for Your Social Networking Web Site
Implementing OpenID for Your Social Networking Web Site By David Keener http://www.keenertech.com Introduction Social networking sites are communities Communities consist of people Getting people to join
More informationWHAT S NEW in 7.9 RELEASE NOTES
7.9 RELEASE NOTES January 2015 Table of Contents Session Usability...3 Smarter Bookmarks... 3 Multi-Tabbed Browsing... 3 Session Time Out Pop Up... 4 Batch No Show Processing...5 Selecting a Guarantee
More informationVacuum Controls and Interlocks
Vacuum Controls and Interlocks CERN Accelerator School Platja D Aro, 16-24 May 2006 P. Strubin (CERN) Outline Introduction Architecture 3 tiers architecture Example of the LHC vacuum system Mapping the
More informationJanuary 2018 Air Traffic Activity Summary
January 2018 Air Traffic Activity Summary Jan-2018 Jan-2017 CY-2018 CY-2017 Passengers 528,947 505,421 4.7% 528,947 505,421 4.7% Passengers 537,332 515,787 4.2% 537,332 515,787 4.2% Passengers 1,066,279
More informationCIVIL AVIATION PUBLICATION CAP 00 GENERAL
CAP 00 GENERAL FOREWORD REVISION STATUS & LEP This Page Intentionally Left Blank FOREWORD Civil Aviation Publications (CAPs) are issued under the authority granted to the Director General by Decree. The
More informationAircraft Communication and Reporting System (ACARS) User s manual
Aircraft Communication and Reporting System (ACARS) User s manual v1.1, applies to ACARS version 1.0.2.0 Table of Contents License... 3 System Requirements... 3 Installation... 4 Uninstallation... 4 General
More informationBaggage Reconciliation System
Product Description PD-TS-105 Issue 1.0 Date January 2015 The purpose of this product description is to enable the customer to satisfy himself as to whether or not the product or service would be suitable
More informationAvitech GmbH AIXM Capabilities & Experiences
Avitech GmbH AIXM Capabilities & Experiences Werner Schwarze Regional Sales Director Dakar/04. October 2016 Avitech Introduction Avitech GmbH of Germany, is a key piece in Indra ATM being the unique provider
More informationAviation Software. DFT Database API. Prepared by: Toby Wicks, Software Engineer Version 1.1
DFT Database API Prepared by: Toby Wicks, Software Engineer Version 1.1 19 November 2010 Table of Contents Overview 3 Document Overview 3 Contact Details 3 Database Overview 4 DFT Packages 4 File Structures
More informationHPE Automatic Number Plate Recognition Software Version: Automatic Number Plate Recognition Release Notes
HPE Automatic Number Plate Recognition Software Version: 14.4.0 Automatic Number Plate Recognition Release Notes Document Release Date: February 2016 Software Release Date: February 2016 Legal Notices
More informationVirginia Medicaid Web Portal Provider Maintenance Frequently Asked Questions Revised 02/20/2015. FAQ Contents. General Questions
Virginia Medicaid Web Portal Provider Maintenance Frequently Asked Questions Revised 02/20/2015 FAQ Contents General Questions.......................................... Page 1 Provider Maintenance Menu...................................
More informationICFP programming contest 2017 Lambda punter (1.3)
ICFP programming contest 2017 Lambda punter (1.3) ICFP programming contest organisers 4th August 2017 1 Introduction This year s task is to efficiently transport lambdas around the world by punt. A punt
More informationDistributed Object Storage System Ceph in Practice
Distributed Object Storage System Ceph in Practice Dominik Joe Pantůček dominik.pantucek@trustica.cz Trustica 8.10.2016 Dominik Joe Pantůček Trustica Practical Ceph 8.10.2016 1 / 32 Legal notice. Dominik
More informationSoftware withdrawal: IBM Tivoli selected part numbers
Announcement November 9, 2004 Software withdrawal: IBM Tivoli selected part numbers Overview Effective on the dates listed in the Program withdrawals section, IBM will withdraw marketing the program numbers
More informationSENIOR CERTIFICATE EXAMINATIONS
SENIOR CERTIFICATE EXAMINATIONS INFORMATION TECHNOLOGY P1 2017 MARKS: 150 TIME: 3 hours This question paper consists of 21 pages. Information Technology/P1 2 DBE/2017 INSTRUCTIONS AND INFORMATION 1. This
More informationExperience with Digital NOTAM
Experience with Digital NOTAM Richard Rombouts Senior Consultant Snowflake Software Digital NOTAM in our Products Support for Digital NOTAM (v1.0 & v2.0) in GO Loader v1.7.4 GO Publisher v3.0 ATM Viewer
More informationSYSTEM BRIEF DAILY SUMMARY
SYSTEM BRIEF SUMMARY * ANNUAL (PEAK HOURS 7:00 AM TO 10:00 PM MON-SAT) MaxTemp NEL (MWH) Hr Ending Hr Ending LOAD ENERGY (MWH) INCREMENTAL COST DAY DATE Civic TOTAL MAXIMUM @Max MINIMUM @Min FACTOR ON
More informationA320 Motorized PRO TQ Installation & Operation Manual
SKU: 146292 A320 Motorized PRO TQ Installation & Operation Manual Version 1.2 April 2018 by Luciano Napolitano ENGLISH ME145029 Official website for information and support: www.fsc.it INDEX 1 - BOX CONTENTS,
More informationLessons Learned from Army Interoperability Certification Testing
Lessons Learned from Army Interoperability Certification Testing Robert Boerjan CTSF Capability Set Coordinator, CTSF (24) 4-1888 (24) 32-8321 x279 RDCS Technology, INC robert.boerjan@us.army.mil Analysis
More informationCA SiteMinder Web Access Manager r12
Reference Code: TA001441SEC Publication Date: July 2008 Author: Aanchal Sabharwal, Angela Eager, and Somak Roy TECHNOLOGY AUDIT CA SiteMinder Web Access Manager r12 CA BUTLER GROUP VIEW ABSTRACT CA SiteMinder
More informationSpecial edition paper Development of a Crew Schedule Data Transfer System
Development of a Crew Schedule Data Transfer System Hideto Murakami* Takashi Matsumoto* Kazuya Yumikura* Akira Nomura* We developed a crew schedule data transfer system where crew schedule data is transferred
More informationRelease Note
Release Note 2018.05 Release Note 2018.05 Content onesto Release Note 2018.05 02 GENERAL I. Reduced Distance When Printing The Travel Expense Report... 03 II. Travel Policy Deviation Report Extension...
More informatione.pricing e.pricing Manual
e.pricing Manual The World s Leading provider of informed travel choice Copyright February 2007 Worldspan Training and Development London Worldspan is owned by Travel Transaction Processing Corp. e.pricing
More informationRelease Note
Release Note 2018.08 02 Release Note 2018.08 Content GENERAL I. Notification Management Usage For Car Bookings... 03 II. Extension Location Proposal For Company Locations In The Close Vicinity... 04 FLIGHT
More informationFederal GIS Conference February 10 11, 2014 Washington DC. ArcGIS for Aviation. David Wickliffe
Federal GIS Conference 2014 February 10 11, 2014 Washington DC ArcGIS for Aviation David Wickliffe What is ArcGIS for Aviation? Part of a complete system for managing data, products, workflows, and quality
More informationELOQUA INTEGRATION GUIDE
ELOQUA INTEGRATION GUIDE VERSION 2.2 APRIL 2016 DOCUMENT PURPOSE This purpose of this document is to guide clients through the process of integrating Eloqua and the WorkCast Platform and to explain the
More informatione-airportslots Tutorial
e-airportslots Tutorial 2017 by IACS (International Airport Coordination Support) page 1 Table of contents 1 Browser compatibility... 4 2 Welcome Screen... 4 3 Show Flights:... 4 4 Coordination... 7 4.1
More informationSummary. Filename: IDOC Created: July 24, 2012 Modified: May 6, 2013
Commercial Systems 400 Collins Road NE Cedar Rapids, IA 52498 Tel.319.295.5000 Fax 319.295.5064 Title: Rockwell Collins Data Link Graphical Weather Services, Single & Dual FANS, ARINC 702A AOC Messaging
More informationVersion 8.5 PENTAGON 2000 SOFTWARE. Flight Operations Module
Version 8.5 PENTAGON 2000 SOFTWARE Pentagon 2000 Software 15 West 34 th Street 5 th Floor New York, NY 10001 Phone 212.629.7521 Fax 212.629.7513 TITLE: PART: Quality MODULE: BUILD 8.5.54.113.18 RESPONSIBILITY:
More informationPSS Integrating 3 rd Party Intelligent Terminal. Application Note. Date December 15, 2009 Document number PSS5000/APNO/804680/00
PSS 5000 Application Note Integrating 3 rd Party Intelligent Terminal Date December 15, 2009 Document number PSS5000/APNO/804680/00 Doms A/S Formervangen 28 Tel. +45 4329 9400 info@doms.dk DK-2600 Glostrup
More information