Novell Privileged User Manager 2.2.1 Getting Started Guide
Legal Notices
Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc., reserves the right to revise this publication and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc., makes no representations or warranties with respect to any software, and specifically disclaims
any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.,
reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to
notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the
trade laws of other countries. You agree to comply with all export control regulations and to obtain any required
licenses or classification to export, re-export or import deliverables. You agree not to export or re-export to entities on
the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws.
You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. See the
Novell International Trade Services Web page (http://www.novell.com/info/exports/) for more information on
exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export
approvals.
Novell, Inc., has intellectual property rights relating to technology embodied in the product that is described in this
document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S.
patents listed on the Novell Legal Patents Web page (http://www.novell.com/company/legal/patents/) and one or
more additional patents or pending patent applications in the U.S. and in other countries.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Online Documentation: To access the latest online documentation for this and other Novell products, see
the Novell Documentation Web page (http://www.novell.com/documentation).
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/
trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
novdocx (en) 16 April 2010
About This Guide
This Getting Started Guide explains the hardware requirements for the Privileged User Manager
components, then explains how to install the components.
Chapter 1, “Novell Privileged User Manager Overview”
Chapter 2, “Installation Requirements”
Chapter 3, “Installing the Framework Manager”
Chapter 4, “Installing the Agents”
Chapter 5, “Upgrading from 2.2 to 2.2.1”
Audience
This guide is intended for users who install and manage the Privileged User Manager product.
Feedback
We want to hear your comments and suggestions about this manual and the other documentation
included with this product. Please use the User Comments feature at the bottom of each page of the
online documentation, or go to www.novell.com/documentation/feedback.html and enter your
comments there.
Documentation Updates
For the most recent version of the Getting Started Guide, visit the Privileged User Manager Web
Site (http://www.novell.com/documentation/privilegedusermanager22).
Additional Documentation
Privileged User Manager Administration Guide (http://www.novell.com/documentation/
privilegedusermanager22/npum_admin/data/bkyzr9y.html)
Documentation Conventions
In Novell® documentation, a greater-than symbol (>) is used to separate actions within a step and
items in a cross-reference path.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party
trademark.
1 Novell Privileged User Manager Overview
Novell® Privileged User Manager delivers a robust and scalable architecture, intuitive management
console and reusable script and command libraries that enable administrators to reduce management
overhead and infrastructure costs in your environment.
Section 1.1, “Product Overview”
Section 1.2, “Components”
Section 1.3, “What’s New in 2.2.1”
1.1 Product Overview
Many organizations needlessly expose their superuser or root account credentials to users who are
required to run commands that need elevated privileges, and passwords are often not changed when
administrative staff change jobs. This opens potential back doors into systems and increases the
likelihood of a security breach.
Novell Privileged User Manager helps IT administrators manage the identity and access for
superuser and root accounts by providing controlled superuser access to administrators, allowing
them to perform jobs without needlessly exposing root account credentials. It also provides a
centralized activity log across multiple platforms. The introduction of Novell Privileged User
Manager enriches the Novell Identity and Access Management and Compliance Management
solutions by adding auditing and tracking capabilities for privileged user activity across the
organization.
Novell Privileged User Manager limits corporate susceptibility to unauthorized transactions and
information access by helping organizations rapidly deploy superuser management and tracking
across all UNIX* and Linux* environments. It reduces management overhead and infrastructure
costs, controls and records which privileged users have access to what, and reduces costs and errors
through demonstrable compliance audits.
Novell Privileged User Manager works by delegating privileged access, which is authorized via a
centralized database. The end result is that a user is authorized to run the privileged command and
all activity is logged. The centralized database provides for easier administration. Compared to
competitive solutions in the marketplace, Novell Privileged User Manager is deployed more
quickly, provides faster response time, better logging and auditing and improved administration, and
leads to a more secure system and a fast return on investment.
1.2 Components
Privileged User Manager consists of a Framework Manager, where you manage and configure the
system, and an agent, which is installed on each machine where you want to monitor and control
superuser access.
Figure 1-1 Framework Manager
From the Home page, you have access to six administrative consoles:
Compliance Auditor: Proactive auditing tool that pulls events from the event logs for
analysis, according to predefined rules. It pulls filtered audit events at hourly, daily, weekly or
monthly intervals. This enables auditors to view prefiltered security transactions, play back
recordings of user activity, and record notes for compliance purposes. In an era of increasing
regulatory compliance requirements, the ability to supply demonstrable audit compliance at
any time provides a more secure system and reduces audit risk.
Framework User Manager: Manages users who log in to the Framework Manager through
role-based grouping.
Hosts: Centrally manages Privileged User Manager installation and updates, load-balancing,
redundancy of resources, and host alerts.
Reporting: Provides easy access and search capability for event logs and allows you to review
and color-code user keystroke activity through the Command Risk Analysis Engine.
Command Control: Uses an intuitive graphical interface to manage security policies for
privilege management.
Package Manager: Lets you easily update any Privileged User Manager application.
1.3 What’s New in 2.2.1
The following new features have been added to Privileged User Manager 2.2.1.
Section 1.3.1, “General Installation Updates”
Section 1.3.2, “Framework User Manager”
Section 1.3.3, “Command Control”
Section 1.3.4, “Compliance Auditor”
Section 1.3.5, “Reporting Console”
Section 1.3.6, “Package Manager”
1.3.1 General Installation Updates
Framework Manager installations now include the Syslog Emitter, which allows events to be
published to a syslog server that supports TCP. For more information, see “Syslog Settings” in
the Novell Privileged User Manager 2.2.1 Administration guide.
Privileged User Manager can now be installed on Linux Mainframe zSeries 64-bit on SLES
(SUSE® Linux Enterprise Server) versions 10 SP2 and 11 and Red Hat* version 5.
For upgrades from 2.2 to 2.2.1, please see Chapter 5, “Upgrading from 2.2 to 2.2.1,” on
page 35.
A Sentinel collector is available for Privileged User Manager. To download the collector and
instructions, see Sentinel 6.1 Content (http://support.novell.com/products/sentinel/secure/
sentinel61.html).
1.3.2 Framework User Manager
Help Desk Role: You can select from a predefined set of attributes to create a help desk group
that can only manage user password problems such as forgotten passwords and locked accounts
because of too many bad login attempts. For more information, see “Configuring a Help Desk
Group” in the Novell Privileged User Manager 2.2.1 Administration guide.
LDAP Authentication: You can configure Framework Manager users so that they obtain their
authentication credentials from an LDAP server. For more information, see “Modify User:
Native Maps ” in the Novell Privileged User Manager 2.2.1 Administration guide.
1.3.3 Command Control
Backup and Restore: You can create a backup of the Command Control database and restore
the backup at a future date. For more information, see “Backing Up and Restoring” in the
Novell Privileged User Manager 2.2.1 Administration guide.
Keystroke Error Reporting: The Command Control agent now sends an appropriate message
rather than “session not terminated” when an error occurs with the keystroke file. The
following messages can now be sent to the audit manager for display:
File does not exist
Remote host does not exist
Run user does not exist
Executing binary does not exist
Run process missing
usrun -t Option: Provides a test command option that tests the specified command against the
rule structure. A yes or no is printed to the screen, indicating whether the command would be
accepted or not. For more information, see “Using usrun with a Command” in the Novell
Privileged User Manager 2.2.1 Administration guide.
1.3.4 Compliance Auditor
Archive: You can archive records, store them offline, and restore them. For more information,
see “Archiving Records” in the Novell Privileged User Manager 2.2.1 Administration guide.
Export and Import: You can export and import audit rules, audit report settings, and access
control levels.
Keystroke Size: The log size of the keystroke file is now visible from the main page of the
Compliance Auditor console. For more information, see “Compliance Auditor Records ” in the
Novell Privileged User Manager 2.2.1 Administration guide.
Keystroke Session Termination: When viewing a keystroke session that was not properly
terminated, you can now terminate the session.
1.3.5 Reporting Console
Read and Update Roles for Record Viewing: You can assign roles to reports. This restricts
viewing and updating the reports to the users who have been assigned the appropriate roles.
For more information, see “Modifying General Report Information” in the Novell Privileged
User Manager 2.2.1 Administration guide.
Session End Time: When viewing Command Control reports, you can see the session end
time. You can also filter on this value. For more information, see “Filtering the Viewable
Records ” in the Novell Privileged User Manager 2.2.1 Administration guide.
Syslog Support: You can configure Privileged User Manager to send audit events as syslog
messages to a syslog server (either a Sentinel™ server or newer syslog servers that support
TCP). For more information, see “Syslog Settings” in the Novell Privileged User Manager
2.2.1 Administration guide.
A Privileged User Manager collector is also available in the Sentinel Log Manager (http://
www.novell.com/products/sentinel-log-manager/) and as a Sentinel download (see Sentinel 6.1
Content (http://support.novell.com/products/sentinel/secure/sentinel61.html)).
Report Filters: You can define report filters by using drop-down menus based on audit
information that is collected by Privileged User Manager. For more information, see “Filtering
the Viewable Records ” in the Novell Privileged User Manager 2.2.1 Administration guide.
1.3.6 Package Manager
Improved Backup Checks: The distribution agent now checks the version of the current
package backup. If you try to update the current package with the same version, a warning
message is displayed and the package is not updated.
2 Installation Requirements
Section 2.1, “Software Prerequisites”
Section 2.2, “System Requirements”
Section 2.3, “Supported Platforms”
Section 2.4, “Procedural Overview”
2.1 Software Prerequisites
Novell® Privileged User Manager installation software. Log in to the Novell Customer Center
(http://www.novell.com/center) and follow the link that allows you to download the software.
Adobe* Flash* Player.
Novell Privileged User Manager license. Log in to the Novell Customer Center
(http://www.novell.com/center) and download the license.
NOTE: By default, new installations are provided with a 90-day license for five agents, one of
which is the manager.
2.2 System Requirements
A PUM agent should have the following system requirements:
CPU - 300 MHz (RISC), 1GHz (CISC)
Memory - 50 MB additional memory
Hard Disk - 100 MB additional memory
A PUM manager should have the following system requirements:
CPU - 1 GHz or more (RISC), 2 GHz or more (CISC)
Memory - 250 MB additional memory
Hard Disk - 150 MB additional memory and additional memory for Audit Storage
TIP: Approximate additional memory calculation for Audit Storage = (250 KB) X (number of PUM
users) X (number of sessions per day (usually 8 sessions)).
2.3 Supported Platforms
The Framework Manager software and Framework Agent software have been tested on the
following platforms:
IBM* AIX* 32-bit and 64-bit on versions 5.3 and 6.1
HP-UX* (PA-RISC) 32-bit and 64-bit on versions 11.11 and 11.23
HP-UX (Itanium*) 64-bit on version 11.23
SUSE® Linux Enterprise Server (SLES) 32-bit and 64-bit on versions 10 SP1, SP2, SP3 and 11
Red Hat* 32-bit and 64-bit on versions 4.0 x86 and 5.0 x86
Linux Mainframe zSeries 64-bit on SLES versions 10 SP2 and 11 and Red Hat version 5
Sun* Solaris* (SPARC*) 32-bit and 64-bit on versions 8, 9, and 10
Sun Solaris (Intel*) 32-bit and 64-bit on versions 8, 9, and 10
HP Tru64* UNIX 64-bit on 5.1a and 5.1b
VMware* ESX Server 64-bit on 3.0 and 3.5
Xen* Hypervisor version 3.2 and 3.3
Open Enterprise Server 2 SP1 and SP2 (32-bit and 64-bit)
The Framework Manager can also be installed on Windows* 2003 Server 32-bit or 64-bit. There is
no agent software for the Windows platforms.
Ensure that your operating system is running the vendor's latest maintenance patches.
Third Party Tested Platforms
The agent can be installed on the following Linux platform:
Univention Corporate Server (UCS) 2.3
2.4 Procedural Overview
The following steps are required to install Privileged User Manager:
1 Install a Framework Manager. See Chapter 3, “Installing the Framework Manager,” on
page 15.
2 When the installation has completed, access and log in to the console. See Section 3.2,
“Accessing the Framework Console,” on page 19.
3 Install the Privileged User Manager license. See Section 3.3, “Installing a Novell Privileged
User Manager License,” on page 20.
By default, new installations are provided with a 90-day license for five agents, one of which is
the manager. You need to install your license before the default license expires.
4 Set up a Package Manager so you can install additional packages on the agents and push
package updates to your framework components. See Section 3.4, “Setting Up a Package
Manager,” on page 20.
5 Install and register a Framework Agent on the computers that you want to manage. See
Chapter 4, “Installing the Agents,” on page 27.
When you have installed and registered the Framework agents, you have completed the
installation of the Framework.
6 For configuration information, see the Novell Privileged User Manager 2.2.1 Administration
guide.
3 Installing the Framework Manager
Section 3.1, “Installing a Framework Manager”
Section 3.2, “Accessing the Framework Console”
Section 3.3, “Installing a Novell Privileged User Manager License”
Section 3.4, “Setting Up a Package Manager”
Section 3.5, “Stopping and Restarting the Framework”
Section 3.6, “Removing the Framework Manager”
3.1 Installing a Framework Manager
Currently, the Framework Manager is available for installation on the platforms listed below. Refer
to Chapter 2, “Installation Requirements,” on page 13 for more information regarding supported
versions.
For detailed installation instructions for your platform, select from the list below:
Section 3.1.1, “AIX Framework Manager Install”
Section 3.1.2, “HP-UX Framework Manager Install”
Section 3.1.3, “Linux Framework Manager Install”
Section 3.1.4, “Solaris Framework Manager Install”
Section 3.1.5, “Tru64 Framework Manager Install”
Section 3.1.6, “Windows Framework Manager Install”
3.1.1 AIX Framework Manager Install
The AIX installation package is compressed through gzip. In order to install the package, you must
unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell/npum. To change this,
create a directory in the required part of the file system and create a symbolic link to
/opt/novell/npum.
To install the AIX manager:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/
privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the AIX installation package is uncompressed, use one of the following methods to
perform the installation.
The AIX smitty program.
The following command:
installp -acgNQqwX -d <directory of .bff file> novellnpum
3 After installation is complete, check that the service is running by viewing the log file. The log
file is located in /opt/novell/npum/logs/unifid.log, if the default install location was
used. If the manager installed correctly, services should be listening on 0.0.0.0:29120 and
0.0.0.0:443.
4 If you have been supplied with a license, log in to the Framework Console and install the
license.
For information, refer to Section 3.2, “Accessing the Framework Console,” on page 19, and
then Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
3.1.2 HP-UX Framework Manager Install
The HP-UX installation package is compressed through gzip. In order to install the package, you
must unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell/npum. To change this,
create a directory in the required part of the file system and create a symbolic link to
/opt/novell/npum.
To install the HP-UX manager:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/
privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the HP-UX installation package is uncompressed, use the following command to install
the manager:
swinstall -s /<directory of .depot file>/<filename>.depot \*
3 After installation is complete, check that the service is running by viewing the log file. The log
file is located in /opt/novell/npum/logs/unifid.log, if the default install location was
used. If the manager installed correctly, services should be listening on 0.0.0.0:29120 and
0.0.0.0:443.
4 If you have been supplied with a license, log in to the Framework Console and install the
license.
For information, refer to Section 3.2, “Accessing the Framework Console,” on page 19, and
then Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
3.1.3 Linux Framework Manager Install
Linux hosts use the RPM packaging system for installation, upgrade, and removal.
By default, the installation program installs the software into /opt/novell/npum. To change this,
create a directory in the required part of the file system and create a symbolic link to
/opt/novell/npum.
To install the Linux manager:
1 Copy the installation package to a temporary location and use the following command to install
the file:
rpm -i <filename>.rpm
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/
privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After installation is complete, check that the service is running by viewing the log file. The log
file is located in /opt/novell/npum/logs/unifid.log, if the default install location was
used. If the manager installed correctly, services should be listening on 0.0.0.0:29120 and
0.0.0.0:443.
3 If you have been supplied with a license, log in to the Framework Console and install the
license.
For information, refer to Section 3.2, “Accessing the Framework Console,” on page 19, and
then Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
3.1.4 Solaris Framework Manager Install
The Solaris installation package is compressed through gzip. In order to install the package, you
must unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell/npum. To change this,
create a directory in the required part of the file system and create a symbolic link to
/opt/novell/npum.
To install the Solaris manager:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/
privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the Solaris installation package is uncompressed, use the following command to install
the manager:
pkgadd -d /<directory of .pkg file>/<filename>.pkg
3 After installation is complete, check that the service is running by viewing the log file. The log
file is located in /opt/novell/npum/logs/unifid.log, if the default install location was
accepted. If the manager installed correctly, services should be listening on 0.0.0.0:29120 and
0.0.0.0:443.
4 If you have been supplied with a license, log in to the Framework Console and install the
license.
For information, refer to Section 3.2, “Accessing the Framework Console,” on page 19, and
then Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
3.1.5 Tru64 Framework Manager Install
The Tru64 installation package is compressed through gzip. In order to install the package, you must
unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell/npum. To change this,
create a directory in the required part of the file system and create a symbolic link to
/opt/novell/npum.
To install the Tru64 manager:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
tar -xvf <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/
privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the Tru64 installation package is uncompressed, use the following command to install the
manager:
setld -l NOVELLNPUM/
3 After installation is complete, check that the service is running by viewing the log file. The log
file is located in /opt/novell/npum/logs/unifid.log, if the default install location was
used. If the manager installed correctly, services should be listening on 0.0.0.0:29120 and
0.0.0.0:443.
4 If you have been supplied with a license, log in to the Framework Console and install the
license.
For information, refer to Section 3.2, “Accessing the Framework Console,” on page 19, and
then Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
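The listener check in the UNIX and Linux install procedures above (services on 0.0.0.0:29120 and 0.0.0.0:443) can also be run against the socket table instead of being read from the log. The script below is an added example, not part of the Novell guide; its function names, the --live flag, and the sample listings are constructed for illustration, and live use assumes that netstat -an is available on the host.

```shell
#!/bin/sh
# Added example, not from the Novell guide. Function names, the --live flag
# and the sample listings are constructed for illustration.

# Listener ports named in the install steps of this guide.
NPUM_PORTS="29120 443"

# listener_addr PORT
# Reads a socket listing (for example "netstat -an" output) on stdin and
# prints the local address of every LISTEN socket bound to PORT.
# Accepts both "address:port" (Linux) and "address.port" (AIX, HP-UX,
# Solaris, Tru64) notation, so "0.0.0.0:443" and "*.443" both match.
listener_addr() {
    awk -v port="$1" '
        /LISTEN/ {
            suffix = "[:.]" port "$"
            for (i = 1; i <= NF; i++) {
                if ($i ~ suffix) {
                    addr = $i
                    sub(suffix, "", addr)
                    print addr
                    break
                }
            }
        }'
}

# check_npum_listeners
# Reads a socket listing on stdin, prints one status line per expected port,
# and returns 0 only when every port in NPUM_PORTS has a listener.
check_npum_listeners() {
    listing=$(cat)
    rc=0
    for port in $NPUM_PORTS; do
        addrs=$(printf '%s\n' "$listing" | listener_addr "$port" | sort -u | tr '\n' ' ')
        addrs=${addrs% }
        if [ -z "$addrs" ]; then
            echo "port $port: MISSING"
            rc=1
            continue
        fi
        # A wildcard bind means the port is reachable on every interface.
        case " $addrs " in
            *" 0.0.0.0 "*|*" * "*|*" :: "*|*" [::] "*) scope="all interfaces" ;;
            *) scope="specific address" ;;
        esac
        echo "port $port: listening on $addrs ($scope)"
    done
    return $rc
}

# Constructed sample listings (not captured from a real host).
SAMPLE_LINUX='Proto Recv-Q Send-Q Local Address   Foreign Address State
tcp   0      0      0.0.0.0:29120   0.0.0.0:*       LISTEN
tcp   0      0      0.0.0.0:443     0.0.0.0:*       LISTEN
tcp   0      0      127.0.0.1:25    0.0.0.0:*       LISTEN'

# Dotted notation, with the 443 listener absent.
SAMPLE_SOLARIS='      *.29120        *.*       0      0 49152      0 LISTEN
      *.22           *.*       0      0 49152      0 LISTEN'

if [ "${1:-}" = "--live" ]; then
    # Check the running host; the exit status is that of the check.
    netstat -an | check_npum_listeners
    exit $?
else
    # Demonstration on the constructed Linux sample.
    printf '%s\n' "$SAMPLE_LINUX" | check_npum_listeners
fi
```

A listener reported as "all interfaces" is reachable on every network the manager host is attached to, which is the input for the host firewall rules covering these two ports.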
3.1.6 Windows Framework Manager Install
1 Run the following install executable to start the installation:
<filename>.exe
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/
privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 Follow the steps in the install wizard.
The Framework Manager service can be installed on any part of the normal file system. It
defaults to the C:\Program Files\Novell\npum folder.
3 After installation is complete, check that the service is running by viewing the log file. The log
file is located in C:\Program Files\Novell\npum\logs\unifid.log, if the default install
location was used. If the manager installed correctly, services should be listening on
0.0.0.0:29120 and 0.0.0.0:443.
4 If you have been supplied with a license, log in to the Framework Console and install the
license.
For information, refer to Section 3.2, “Accessing the Framework Console,” on page 19, and
then Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
3.2 Accessing the Framework Console
1 Open a Web browser on your chosen platform.
2 In the address bar, enter the URL for the Framework Console as follows:
https://<hostname>
Replace <hostname> with one of the following:
The DNS name of the server where the Framework Manager is installed.
The DNS name of a server that has the Administration Agent package installed.
3 If you are presented with a security alert, verify the details and select Yes to continue.
4 If your browser is not already equipped with Adobe Flash Player, the browser attempts to
install it. Verify the details and select Install to continue.
A reboot or browser restart might be required.
5 Log in to the Framework Console.
After you enter the URL for the Framework Console, the initial logon screen is displayed in the
browser window. You must authenticate to the system by using a username and password
defined on the system.
6 (Conditional) If this is the first time to log in to the console, specify the username admin and
password novell, then click Logon.
7 (Conditional) If this is the first time to log in to the Framework Console, you are prompted to
change the default password.
Your new password should be a minimum of six characters. If the new password is acceptable
to the system, you are logged in to the console.
IMPORTANT: To navigate in the Framework Console, do not use your browser’s Forward or
Back buttons; use the trail at the top of each page, such as:
Home / Compliance Auditor
Click Home to return to main console menu.
8 Continue with Section 3.3, “Installing a Novell Privileged User Manager License,” on page 20.
3.3 Installing a Novell Privileged User Manager License
Log in to the Novell Customer Center (http://www.novell.com/center) and download your license
file. Use the following steps to install it:
1 Log in to the Framework Console.
2 From the Task Pane, click About Framework.
3 Click Register Framework.
4 Copy the supplied license and paste it into the text area.
5 Click Finish > Close.
Your license details can be viewed by selecting the About Framework option from the Task
Pane.
6 Continue with one of the following:
Section 3.4, “Setting Up a Package Manager,” on page 20
Chapter 4, “Installing the Agents,” on page 27
3.4 Setting Up a Package Manager
The Package Manager allows you to push updates to hosts and to install additional packages on the
hosts for load balancing and failover. To use the Novell Update Server as the Package Manager, see
“Configuring the Package Manager ” in the Novell Privileged User Manager 2.2.1 Administration
guide.
To use a local host as a Package Manager:
1 Create a directory such as
This directory is called
2 Copy the
to the machine.
3 Extract the file to the
For UNIX and Linux platforms, use the following commands:
gunzip novell-npum-packages-2.2.1.tar.gz
tar -xvf novell-npum-packages-2.2.1.tar
For Windows platforms, use WinZip to extract the file.
4 Use the following command to publish the packages to the Package Manager.
5 When prompted, enter the password for the admin user.
6 (Optional) To view available packages, log in to the Framework Manager, then click Package
Manager.
7 Delete the framework directory.
3.5 Stopping and Restarting the Framework
The Framework services and processes start automatically after installation and system reboot, so
there is normally no need to stop and restart them. If you need to stop and restart the services and
processes manually, follow the instructions below for your platform:
Section 3.5.1, “AIX”
Section 3.5.2, “HP-UX”
Section 3.5.3, “Linux”
Section 3.5.4, “Solaris”
Section 3.5.5, “Tru64”
Section 3.5.6, “Windows”
3.5.1 AIX
To stop the Framework process:
stopsrc -s npum
To start the Framework process:
startsrc -s npum
3.5.2 HP-UX
To stop the Framework process:
/sbin/init.d/npum stop
To start the Framework process:
/sbin/init.d/npum start
To check the status:
/sbin/init.d/npum status
3.5.3 Linux
The following instructions apply to all distributions.
To stop the Framework process:
/etc/init.d/npum stop
To start the Framework process:
/etc/init.d/npum start
To check the status:
/etc/init.d/npum status
Alternatively, you can use the following instructions for all distributions except SUSE®.
To stop the Framework process:
service npum stop
To start the Framework process:
service npum start
To check the status:
service npum status
3.5.4 Solaris
The following instructions apply to all supported distributions.
To stop the Framework process:
/etc/init.d/npum stop
To start the Framework process:
/etc/init.d/npum start
To check the status:
/etc/init.d/npum status
Solaris 10 also uses the Service Management Facility (SMF). Example commands are:
Please refer to your Solaris documentation for full SMF instructions.
3.5.5 Tru64
To stop the Framework process:
/sbin/init.d/npum stop
To start the Framework process:
/sbin/init.d/npum start
To check the status:
/sbin/init.d/npum status
3.5.6 Windows
To stop the Framework service:
1 Select the Start button.
2 Select Control Panel.
3 Select Administrative Tools.
4 Select Services.
5 Select the Framework Manager service.
6 Select Stop.
To start the Framework service, follow the above instructions and select Start.
3.6 Removing the Framework Manager
Section 3.6.1, “AIX Manager Uninstall”
Section 3.6.2, “HP-UX Manager Uninstall”
Section 3.6.3, “Linux Manager Uninstall”
Section 3.6.4, “Solaris Manager Uninstall”
Section 3.6.5, “Tru64 Manager Uninstall”
Section 3.6.6, “Windows Manager Uninstall”
3.6.1 AIX Manager Uninstall
1 Use one of the following methods:
The AIX smitty program.
The following command:
installp -u novellnpum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
3.6.2 HP-UX Manager Uninstall
1 Enter the following command:
swremove novell-npum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
3.6.3 Linux Manager Uninstall
1 Enter the following command:
rpm -e novell-npum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
3.6.4 Solaris Manager Uninstall
1 Enter the following command:
pkgrm novell-npum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
3.6.5 Tru64 Manager Uninstall
1 Enter the following command:
setld -d NOVELLNPUMALLXXX
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
3.6.6 Windows Manager Uninstall
1 Select the Start button from the Windows task bar.
2 Select All Programs.
3 Select Framework Manager.
4 Select Uninstall.
IMPORTANT: This action cannot be undone.
4 Installing the Agents
Section 4.1, “Agent Installation Overview”
Section 4.2, “Creating a Host Name for Each Agent”
Section 4.3, “Opening Firewall Ports”
Section 4.4, “Installing and Registering a Framework Agent”
Section 4.5, “Removing the Agent Components”
4.1 Agent Installation Overview
For each computer that you want to manage with the Framework console, you need to do the
following:
Section 4.2, “Creating a Host Name for Each Agent”
Section 4.4, “Installing and Registering a Framework Agent”
4.2 Creating a Host Name for Each Agent
Hosts can be organized and grouped into domains.
1 Log in to the Framework Manager console.
2 In the Navigation Pane, click Hosts.
The Navigation Pane displays the current hierarchy for your Framework.
3 (Conditional) If you want to add a subdomain, click Hosts in the Navigation Pane.
3a Click Add Domain in the Task Pane.
3b Specify a domain name.
3c Click Finish.
4 Select the required domain from the Navigation Pane.
5 Click Add Hosts from the Task Pane.
6 Specify the agent names for the hosts. You can type the names one at a time using one name per
line, or paste a list of names.
When you add a host to the Framework, the name does not need to relate to the existing DNS
name used to locate the host on your network.
7 Click Next.
A list of agent names is displayed.
8 Click Finish.
The status of the host is unregistered until the agent is installed and registered.
9 Continue with Section 4.4, “Installing and Registering a Framework Agent,” on page 28.
4.3 Opening Firewall Ports
Port 29120 is used for all communications among the Framework managers and the agents. Port
29120 is also used for communications among the Framework agents.
If firewalls separate your Privileged User Manager machines, this port must be opened to traffic in
both directions for Novell Privileged User Manager to work properly.
The port is specified when the agent is registered with the Framework Manager. If you need to
specify a different port because an application is already using port 29120, this new port needs to be
opened in the firewall for communication.
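Because the port has to be open in both directions and is shared by managers and agents, the opening can be scoped to the Framework hosts themselves rather than to any source. The following script is an added example, not part of the Novell guide: it prints Linux iptables commands for a list of peers. The function names and the 192.0.2.x peer addresses are constructed, and it assumes the host's existing ruleset already accepts replies on established connections.

```shell
#!/bin/sh
# Added example (not from the Novell guide): print iptables commands that open
# the Framework port only between known Privileged User Manager hosts.
# Assumption: replies on established connections are already accepted by the
# host's existing ruleset (for example a conntrack ESTABLISHED,RELATED rule).

NPUM_PORT=29120   # default port from the guide; use the registered port if changed

# valid_port PORT: succeeds if PORT is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_ipv4 ADDR: succeeds if ADDR is a dotted-quad IPv4 address
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# npum_rules PORT PEER...: one iptables command per line on stdout.
# Refuses to run without peers, because the closing DROP rule alone would
# cut the host off from the Framework.
npum_rules() {
    [ "$#" -ge 2 ] || { echo "usage: npum_rules PORT PEER..." >&2; return 1; }
    port=$1
    shift
    valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    # Validate every peer before printing anything, so a bad entry cannot
    # leave a half-written rule set behind.
    for peer in "$@"; do
        valid_ipv4 "$peer" || { echo "invalid peer: $peer" >&2; return 1; }
    done
    for peer in "$@"; do
        # Inbound: the peer connects to this host's listener.
        echo "iptables -A INPUT -p tcp -s $peer --dport $port -j ACCEPT"
        # Outbound: this host connects to the peer's listener.
        echo "iptables -A OUTPUT -p tcp -d $peer --dport $port -j ACCEPT"
    done
    # Any other source aimed at the listener is dropped.
    echo "iptables -A INPUT -p tcp --dport $port -j DROP"
}

# Constructed peers: one manager and one other agent.
npum_rules "$NPUM_PORT" 192.0.2.10 192.0.2.21
```

Review the printed commands before applying them, and list every manager and agent that this host must reach, since agents also talk to each other on the same port.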
4.4 Installing and Registering a Framework Agent
Currently the Framework Agent is available for installation on the platforms listed below. Refer to
Section 2.3, “Supported Platforms,” on page 13 for more information regarding supported versions.
For detailed installation instructions for your platform, select from the list below:
Section 4.4.1, “AIX Agent Install”
Section 4.4.2, “HP-UX Agent Install”
Section 4.4.3, “Linux Agent Install”
Section 4.4.4, “Solaris Agent Install”
Section 4.4.5, “Tru64 Agent Install”
NOTE: Agents must be registered with the Framework Manager after installation.
4.4.1 AIX Agent Install
The AIX installation package is compressed through gzip. In order to install the package, you must
unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell. To change this, create a
directory in the required part of the file system and create a symbolic link to /opt/novell.
To install the AIX agent:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the AIX installation package is uncompressed, use one of the following methods to
perform the installation.
The AIX smitty program
The following command:
installp -acgNQqwX -d <directory of .bff file> novellnpum
3 When installation is complete, check that the service is running by viewing the log file.
The log file is located in /opt/novell/npum/logs/unifid.log, if the default install location
was used. If the agent installed correctly, it should be listening on 0.0.0.0:29120.
4 Use the following command to register the agent with the Framework Manager. This command
must be issued from the machine where the agent is installed.
/opt/novell/npum/sbin/unifi regclnt register
Four items of information are required:
The registration server hostname: The hostname or IP address of the Framework Manager.
The registration server port: Accept the default unless another application is using this port.
After the host is registered, this port cannot be modified.
The name or IP address of this host: The DNS name or IP address by which any other agent
in the Framework can resolve the location of this machine on your network.
The name of this agent: The name of the agent when it was created in the Framework Console
(refer to “Creating a Host Name for Each Agent” on page 27).
NOTE: When the above details have been provided, a valid username and password for the
Framework Manager are required to complete the registration of the agent.
5 Verify that the registration has been successful by viewing the host details on the Framework
Console.
4.4.2 HP-UX Agent Install
The HP-UX installation package is compressed through gzip. In order to install the package, you
must unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell. To change this, create a
directory in the required part of the file system and create a symbolic link to /opt/novell.
To install the HP-UX agent:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the HP-UX installation package is uncompressed, use the following command to install
the agent:
swinstall -s /<directory of .depot file>/<filename>.depot \*
3 After installation is complete, check that the service is running by viewing the log file.
The log file is located in /opt/novell/npum/logs/unifid.log, if the default install location
was used. If the agent installed correctly, it should be listening on 0.0.0.0:29120.
4 Use the following command to register the agent with the Framework Manager. This command
must be issued from the machine where the agent is installed.
/opt/novell/npum/sbin/unifi regclnt register
Four items of information are required:
The registration server hostname: The hostname or IP address of the Framework Manager.
The registration server port: Accept the default unless another application is using this port.
After the host is registered, this port cannot be modified.
The name or IP address of this host: The DNS name or IP address by which any other agent
in the Framework can resolve the location of this machine on your network.
The name of this agent: The name of the agent when it was created in the Framework Console
(refer to “Creating a Host Name for Each Agent” on page 27).
NOTE: When the above details have been provided, a valid username and password for the
Framework Manager are required to complete the registration of the agent.
5 Verify that the registration has been successful by viewing the host details on the Framework
Console.
4.4.3 Linux Agent Install
Linux hosts use the RPM packaging system for installation, upgrade, and removal.
By default, the installation program installs the software into /opt/novell. To change this, create a
directory in the required part of the file system and create a symbolic link to /opt/novell.
To install the Linux agent:
1 Copy the installation package to a temporary location and use the following command to install
the file:
rpm -i <filename>.rpm
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After installation is complete, check that the service is running by viewing the log file.
The log file is located in /opt/novell/npum/logs/unifid.log, if the default install location
was used. If the agent installed correctly, it should be listening on 0.0.0.0:29120.
3 Use the following command to register the agent with the Framework Manager. This command
must be issued from the machine where the agent is installed.
/opt/novell/npum/sbin/unifi regclnt register
Four items of information are required:
The registration server hostname: The hostname or IP address of the Framework Manager.
The registration server port: Accept the default unless another application is using this port.
After the host is registered, this port cannot be modified.
The name or IP address of this host: The DNS name or IP address by which any other agent
in the Framework can resolve the location of this machine on your network.
The name of this agent: The name of the agent when it was created in the Framework Console
(refer to “Creating a Host Name for Each Agent” on page 27).
NOTE: When the above details have been provided, a valid username and password for the
Framework Manager are required to complete the registration of the agent.
4 Verify that the registration has been successful by viewing the host details on the Framework
Console.
4.4.4 Solaris Agent Install
The Solaris installation package is compressed through gzip. In order to install the package, you
must unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell. To change this, create a
directory in the required part of the file system and create a symbolic link to /opt/novell.
To install the Solaris agent:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the Solaris installation package is uncompressed, use the following command to install
the agent:
pkgadd -d /<directory of .pkg file>/<filename>.pkg
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
3 After installation is complete, check that the service is running by viewing the log file.
The log file is located in /opt/novell/npum/logs/unifid.log, if the default install location
was used. If the agent installed correctly, it should be listening on 0.0.0.0:29120.
4 Use the following command to register the agent with the Framework Manager. This command
must be issued from the machine where the agent is installed.
/opt/novell/npum/sbin/unifi regclnt register
Four items of information are required:
The registration server hostname: The hostname or IP address of the Framework Manager.
The registration server port: Accept the default unless another application is using this port.
After the host is registered, this port cannot be modified.
The name or IP address of this host: The DNS name or IP address by which any other agent
in the Framework can resolve the location of this machine on your network.
The name of this agent: The name of the agent when it was created in the Framework Console
(refer to “Creating a Host Name for Each Agent” on page 27).
NOTE: When the above details have been provided, a valid username and password for the
Framework Manager are required to complete the registration of the agent.
5 Verify that the registration has been successful by viewing the host details on the Framework
Console.
4.4.5 Tru64 Agent Install
The Tru64 installation package is compressed through gzip. In order to install the package, you
must unzip the package through gunzip.
By default, the installation program installs the software into /opt/novell. To change this, create a
directory in the required part of the file system and create a symbolic link to /opt/novell.
To install the Tru64 agent:
1 Copy the installation package to a temporary location and use the following command to
extract the installation files:
gunzip <filename>
tar -xvf <filename>
See the “Novell Privileged User Manager Readme” (http://www.novell.com/documentation/privilegedusermanager22/readme/privilegedusermanager_readme.html) for the actual
filename.
2 After the Tru64 installation package is uncompressed, use the following command to install the
agent:
setld -l NOVELLNPUM/
3 After installation is complete, check that the service is running by viewing the log file.
The log file is located in /opt/novell/npum/logs/unifid.log, if the default install location
was used. If the agent installed correctly, it should be listening on 0.0.0.0:29120.
4 Use the following command to register the agent with the Framework Manager. This command
must be issued from the machine where the agent is installed.
/opt/novell/npum/sbin/unifi regclnt register
Four items of information are required:
The registration server hostname: The hostname or IP address of the Framework Manager.
The registration server port: Accept the default unless another application is using this port.
After the host is registered, this port cannot be modified.
The name or IP address of this host: The DNS name or IP address by which any other agent
in the Framework can resolve the location of this machine on your network.
The name of this agent: The name of the agent when it was created in the Framework Console
(refer to “Creating a Host Name for Each Agent” on page 27).
NOTE: When the above details have been provided, a valid username and password for the
Framework Manager are required to complete the registration of the agent.
5 Verify that the registration has been successful by viewing the host details on the Framework
Console.
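Each install procedure above confirms the listener from the log file; the socket table gives an independent cross-check and shows whether the port is bound to every interface. The script below is an added example, not part of the Novell guide: it parses saved netstat -an output read from standard input. The function names and the sample lines (in Linux, AIX and Solaris layouts) are constructed.

```shell
#!/bin/sh
# Added example (not from the Novell guide): report listening sockets on the
# Framework port from `netstat -an` output supplied on stdin.

# npum_listeners PORT: prints "<scope> <local-address>" for each listening
# socket on PORT. scope is "all-interfaces" for a wildcard bind (0.0.0.0, * or
# ::) and "single-address" otherwise. Returns 0 if a listener was found,
# 1 if none, 2 if PORT is not numeric.
npum_listeners() {
    case "$1" in
        ''|*[!0-9]*) echo "invalid port: $1" >&2; return 2 ;;
    esac
    awk -v port="$1" '
    {
        # Only rows in LISTEN state; an exact field match skips the
        # LISTENING rows that Linux prints for UNIX domain sockets.
        listening = 0
        for (i = 1; i <= NF; i++) if ($i == "LISTEN") listening = 1
        if (!listening) next
        # The local address ends in ":PORT" (Linux) or ".PORT" (AIX, HP-UX,
        # Solaris). The remote column of a listener never carries a port.
        for (i = 1; i <= NF; i++) {
            if ($i ~ ("[.:]" port "$")) {
                host = $i
                sub("[.:]" port "$", "", host)
                if (host == "*" || host == "0.0.0.0" || host == "::")
                    scope = "all-interfaces"
                else
                    scope = "single-address"
                print scope, $i
                found = 1
                break
            }
        }
    }
    END { exit !found }'
}

# Constructed sample rows: Linux, Linux (other port), an established session,
# AIX, Solaris, and a Linux listener bound to one address.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:29120           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.20:29120        192.0.2.10:51514        ESTABLISHED
tcp4       0      0  *.29120                *.*                    LISTEN
      *.29120              *.*                0      0 49152      0 LISTEN
tcp        0      0 192.0.2.20:29120        0.0.0.0:*               LISTEN
EOF
}

sample_netstat | npum_listeners 29120
```

On a live host, pipe netstat -an into npum_listeners instead of the sample. An all-interfaces result means the firewall is the only network-level restriction on who can reach the agent.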
4.5 Removing the Agent Components
Section 4.5.1, “AIX Agent Uninstall”
Section 4.5.2, “HP-UX Agent Uninstall”
Section 4.5.3, “Linux Agent Uninstall”
Section 4.5.4, “Solaris Agent Uninstall”
Section 4.5.5, “Tru64 Agent Uninstall”
4.5.1 AIX Agent Uninstall
1 Use one of the following methods:
The AIX smitty program
The following command:
installp -u novellnpum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
4.5.2 HP-UX Agent Uninstall
1 Enter the following command:
swremove novell-npum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
4.5.3 Linux Agent Uninstall
1 Enter the following command:
rpm -e novell-npum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
4.5.4 Solaris Agent Uninstall
1 Enter the following command:
pkgrm novell-npum
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
4.5.5 Tru64 Agent Uninstall
1 Enter the following command:
setld -d NOVELLNPUMXXX
IMPORTANT: This action cannot be undone.
2 Delete the /opt/novell/npum directory structure.
Deleting the directory structure removes the existing Framework Host settings from the server,
allowing for clean re-installation.
5 Upgrading from 2.2 to 2.2.1
The procedure for upgrading from one release to the next release is slightly different than applying
patches to an existing release.
1 Publish the 2.2.1 packages to the Package Manager.
There are multiple ways to accomplish this.
You can use the 2.2.1 CD and set up your Framework Manager machine to be a local
Package Manager. For instructions, see Section 3.4, “Setting Up a Package Manager,” on
page 20.
You can configure the Package Manager to use the Novell® Update Server through your
Novell Customer Care account. For instructions, see “Configuring the Package Manager”
in the Novell Privileged User Manager 2.2.1 Administration guide.
2 (Conditional) If you are using the Novell Update Server, add the packages you need:
2a Click Package Manager on the home page of the console, then click Add Packages.
2b Configure the Package Filter to display the packages you need.
Version: Select 2.2.
Platform: Select your platforms. Make sure you select Cross Platform, which displays
the console packages that run on all platforms.
Types: Select at least Console, Module, and Patch.
Components: Select all of them: Command Control, Framework, and Miscellaneous.
2c Select all the packages that are listed. Make sure you select the Framework Patch.
2d Click Next, then click Finish when the packages have been successfully downloaded.
2e To ensure that all packages are up-to-date, click Check for Updates.
2f Select any packages that are listed.
2g Click Next, then click Finish when the packages have been successfully downloaded.
3 To upgrade your Framework Manager:
3a Click Hosts on the home page of the console.
3b Select the host that is your Framework Manager, use the arrow to display the packages,
then select Packages.
3c Click Update Packages in the task pane.
The Framework Patch should be displayed. This package must be updated to 2.2.1 before
you can update any other packages. If this package does not display, return to Step 2 and
add the Framework Patch for your platform.
3d Select the package, then click Next.
3e When the package has installed, click Finish.
3f Click Update Packages in the task pane.
3g Select the listed packages, then click Next.
3h When the packages have installed, click Finish.
3i Verify that all packages display a 2.2.1 version. If they don’t, return to Step 2 and add any
missing packages.
4 To install new packages available in 2.2.1 on your Framework Manager:
4a Click Hosts on the home page of the console.
4b Select the host that is your Framework Manager, use the arrow to display the packages,
then select Packages.
4c Click Install Packages.
4d Select the Syslog Emitter, then click Next.
4e When the package has installed, click Finish.
5 To upgrade your agents:
5a Click Hosts on the home page of the console.
5b Select the hosts that are agents or select the domain containing the agents.
5c Click Update Packages in the task pane.
5d Select the Framework Patch, then click Next.
5e Click Update Packages in the task pane.
5f Select the listed packages, then click Next.
5g When the packages have installed, click Finish.
5h Verify that all packages display a 2.2.1 version.