DOCSLIB.ORG

Novell Advanced Audit Service

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Novell Advanced Audit Service Manual December 10, 200289 Novell Advanced Audit Service www.novell.com INSTALLATION AND ADMINISTRATION GUIDE Novell Advanced Audit Service June 10, 2003 Novell Confidential Manual December 10, 200289 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. You may not export or re-export this product in violation of any applicable laws or regulations including, without limitation, U.S. export regulations or the laws of the country in which you reside. Copyright © 2002 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. Novell, Inc. 1800 South Novell Place Provo, UT 84606 U.S.A. www.novell.com Novell Advanced Audit Service March 2003 Online Documentation: To access the online documentation for this and other Novell products, and to get updates, see www.novell.com/documentation. Novell Advanced Audit Service June 10, 2003 Novell Confidential Manual December 10, 200289 Novell Trademarks ConsoleOne is a registered trademark of Novell, Inc. in the United States and other countries. Novell is a registered trademark of Novell, Inc. in the United States and other countries. NetWare is a registered trademark of Novell, Inc. in the United States and other countries Third-Party Trademarks All third-party products are the property of their respective owners. Novell Advanced Audit Service June 10, 2003 Novell Confidential Manual December 10, 200289 4 Novell Advanced Audit Service Novell Advanced Audit Service June 10, 2003 Novell Confidential Manual December 10, 200289 Understanding Novell Advanced Audit Service 9 NAAS Components . 9 NAAS Terminology . 10 1 Installing Novell Advanced Audit Service 13 System Requirements . 14 Hardware Requirements . 14 Software Requirements. 14 Installing the NAAS Utility and the Default Configuration Utility . 18 Starting the Pervasive Database Server . 18 2 NAAS Default Configuration Utility 21 Default Configuration of NAAS . 21 Setting Up the NAAS Agent . 22 Setting Up NAAS Server . 22 Setting Up NAAS Database . 22 Configuring NAAS Framework . 24 Modifying NAAS Agent Policy . 25 Modifying NAAS Event Policy . 25 Configuring NAAS for Multipartition Auditing . 26 Deploying NAAS in a Mixed Environment with NetWare 6 and NetWare 6 Support Pack 1 or Later Servers . 26 Modifying Default Values. 28 NAAS Agent Policy . 28 NAAS Server Policy . 28 Audited Services . 28 Auditor Rights. 29 Starting the NAAS Server . 30 Starting the NAAS Agent . 30 Loading the Shims . 31 FS Shim . 31 NSS Shim. 31 DS Shim . 31 Starting the NAAS Utility . 31 Stopping the NAAS Server . 31 Viewing NAAS Error Logs . 32 3 Manually Configuring Novell Advanced Audit Service 33 Prerequisites . 33 Configuring Agent and Server . 33 Configuring the NAAS Agent . 34 Configuring the NAAS Server . 35 5 Novell Advanced Audit Service Installation and Administration Guide 103-000165-001 June 10, 2003 Novell Confidential Manual December 10, 200289 Associating an Audit Policy to an Object . 36 Creating the Search Criteria Policy . 36 Associating the Policy . 36 Finding the Effective Audit Policy for an Object . 37 Configuring eDirectory Auditing . 37 Configuring Traditional File System Auditing . 38 Configuring NSS Auditing . 39 4 Deploying Novell Advanced Audit Service 41 Setup Using NAAS Configuration Utility. 41 Auditing . 42 Reporting . 43 Deployment Scenarios . 43 Scenario 1: Auditor Is Not a Part of the Partition in Which NAAS Is Configured . 43 Scenario 2: NAAS Agent Is Not a Part of the Partition in Which NAAS is Configured. 44 Scenario 3: NAAS Agent and NAAS Server Are Not Present in the Same Partition as the eDirectory server . 45 Valid Setup. 46 Scenario 4: The Auditor Query Domain and NAAS Server Are in Different Partitions. 46 5 Using Novell Advanced Audit Service 49 Installing NAAS . 50 Configuring NAAS Components. 50 Configuring NAAS for Multipartition Auditing . 50 Scenarios for Configuring NAAS for Multipartition Auditing. 51 Granting Rights to NAAS Agents . 60 Reporting in Multipartition Auditing . 60 Scenarios for Reporting in Multipartition Auditing . 61 Recommendations . 63 Setting Up NAAS Database . 64 Setting Up Pervasive Database . 64 Setting Up MySQL Database . 64 Setting Up Oracle Database . 65 Auditing eDirectory . 65 Auditing NWFS . 65 Auditing NSS . 65 Associating Policies . 66 Creating and Modifying Audit Policies. 66 Creating an Audit Policy . 66 Modifying an Audit Policy . 66 Viewing the Audit Trail. 66 Setting the User as Auditor . 66 6 Novell Advanced Audit Service Installation and Administration Guide Novell Advanced Audit Service Installation and Administration Guide 103-000165-001 June 10, 2003 Novell Confidential Manual December 10, 200289 Granting Rights for Generating NAAS Reports . 68 Auditor Query Domains. 68 Auditing Events Generated by Specific Users . 69 Auditing Events Generated on Specific Files . 70 Auditing Events Generated from Specific Source Machines . 70 Auditing Events Generated on Specific Target Machines . 71 Setting Search Criteria for Policies. 71 Setting Filters for Viewing Events . 72 Filter Sets . 72 Event Filters . ..
Load more

Recommended publications
  • Magic Information Systems Chooses Pervasive Software's SQL Database
    Solutions for the Information Project Team • www.dbta.com Volume 16, Number 7 •July 2002 Magic Information Systems Chooses Pervasive Software's SQL Database By Walt Jordan ability to support multiple cur- parallel transactional applica- having to invest much time or Magic Information Systems rencies, landed costs tracking tion with the SQL relational energy tuning the database. has been creating database and others. And though it was database. Now, Btrieve is And neither have his clients. applications since 1989. originally geared to Windows, embedded into Pervasive's SQL The Magic RAD tool is data- Originally called Hartronix, a the company ported it to Unix database. base independent. All the value-added reseller, the com- and other platforms as well. That combination solved reporting is generated by pany created a management But new challenges accompa- Rapoport's problems. "With Crystal Reports Writer from package for wholesale distribu- nied the success. "It was a good Pervasive wrapping Btrieve in a Seagate. "That is our operating tion and light manufacturing product, but maintaining it and relational database and Magic environment, and Pervasive is called Accountware. Over time, customizing it was a headache," as the rapid application devel- at the core," Rapoport said. the Accountware application Rapoport said. "We began look- opment tool, we found that we Interestingly, customers are grew to generate 80 percent of ing for a tool that would let us really didn't need to go any fur- becoming more interested in the overall business. As a get away from the 800,000 lines ther," Rapoport said. what is the underlying data- result, the company was con- of code that we had written in In fact, using Pervasive SQL base.
    [Show full text]
  • Accessing Zen/PSQL Data from ODBC Or Other Applications
    Accessing Zen/PSQL Data From ODBC Or Other Applications A White Paper From For more information, see our web site at http://www.goldstarsoftware.com Accessing Zen/PSQL Data From ODBC (or Other Applications) Last Updated: 02/23/2021 When it comes to "frequently asked questions", this one takes the cake, to be sure. It seems that people are used to databases which provide ODBC access natively (such as FOXPro, Access, etc.) and get confused when they cannot access their own application data immediately. Then, they start “Btrieve-bashing” because they can't get their data out. This document was created to provide some explanation as to what the issues are when it comes to ODBC access and your data, whether it be stored in a current Actian Zen database engine, or one of the older ones, including Actian PSQL, Pervasive PSQL, Pervasive.SQL, and even Btrieve. The material is taken mostly from the PSQL Service & Support classes provided by Goldstar Software. Database Engine Type & ODBC Drivers The first question we have to deal with is the availability of ODBC drivers. If you have a newer engine, then you can skip this section entirely. If you have an older engine, though, then you should read on. Old DOS applications may be using Btrieve 5.x or older for DOS, 5.x for Windows, or even Btrieve 5.x or 6.10 for NetWare. These engines do NOT contain an ODBC driver and will not support 32-bit ODBC access. (MS Access 2.0 had limited support for Btrieve 6.10, but only from 16-bit Windows applications.) If this is the case, then you will need to purchase a new database engine to support this access.
    [Show full text]
  • Technical FAQ: Btrieve – Microsoft SQL Server Migration And
    MERTECH DATA SYSTEMS, INC. 18503 Pines Boulevard, Suite 312 | Pembroke Pines, FL 33029 | USA Tel: (954)585-9016 | Fax: (866)228-1213 www.mertechdata.com Contents Introduction What objects are created on MSSQL? Are there recommended database settings? Technical FAQ: Btrieve – Microsoft SQL Server Which files are used? Migration and Deployment What roles and privileges are required? Can I determine the number of licenses used? How do I install the client? What things should I look for in my code? How do I know if I am targeting Btrieve or SQL? Can the application control login? Can the application execute queries? How do I handle sensitive data? How do I look at the data on the server? Contact Information © 2014 Mertech Data Systems, Inc. All Rights Reserved. This document is for informational purposes only. Mertech makes no warranties, expressed or implied, in this document. Btrieve and Pervasive.SQL are registered trademarks of Pervasive Software, Inc. Mertech Data and Btr2SQL are trademarks of Mertech Data Systems, Inc. Microsoft, SQL Server and Windows are registered trademarks of Microsoft Corporation. Other trademarks and trade names mentioned herein are the property of their respective owners. Introduction Mertech’s Btr2SQL database migration tool smoothly migrates a Btrieve database to a Microsoft SQL Server back-end. The migration process creates the required tables and indexes and copies data to the MSSQL server. This white paper answers frequently asked questions about the migration and deployment process. What objects are created on MSSQL? Indexes If a table has at least one index that is not unique and the table does not have a primary key defined in the DDFs: The MDS_RECNUM column is a primary key.
    [Show full text]
  • Btrieve 12 Release Notes General Release – December 2015
    6/23/2017 Btrieve 12 Release NotesGeneral Release – December 2015 Btrieve 12 Release Notes General Release – December 2015 Contents Welcome to the General Release of Btrieve 12. These release notes cover the following topics: • Overview • PlaĔorms Supported • Product Authorizaĕon • New Features and Enhancements • Installing Btrieve • Installing Btrieve 12 • JRE Components Included in Installaĕon • Known Issues • Usage Notes • Technical Support This document is included in your Btrieve installaĕon but may be updated a├er the release. Its latest version is always posted on the Acĕan PSQL website. Overview PlaĔorms Supported This release has been successfully tested on the following operaĕng systems in their 32‐ and 64‐bit ediĕons: • Windows 10 • Windows Server 2012 • Windows 8 • Windows Small Business Server 2011 • Windows Server 2008 R2 • Windows Foundaĕon Server 2008 R2 • Windows 7 • Windows Small Business Server 2008 • Windows Server 2008 http://www.pervasive.com/portals/55/documents/btrieve/readme_btrieve12.htm 1/5 6/23/2017 Btrieve 12 Release NotesGeneral Release – December 2015 • Windows Vista We recommend updaĕng all operaĕng systems to their latest service packs. Product Authorizaĕon Btrieve 12 comes with a trial key for evaluaĕon installaĕons. These trial keys have limits of 5 users and 30 days. If you install Btrieve 12, you are required to authorize the product either by entering a license key during installaĕon or by using the License Administrator uĕlity a├er installaĕon. Authorizing Btrieve 12 during installaĕon requires an Internet connecĕon. To authorize a├er installaĕon, read about license administraĕon in Btrieve User’s Guide. License Authorizaĕon Access Through Proxy Servers We recommend that you use Windows Internet Explorer to configure proxy servers.
    [Show full text]
  • Determining Your Pervasive, Actian, PSQL Or Btrieve Engine Version
    Determining Your PSQL Engine Version A White Paper From For more information, see our web site at http://www.goldstarsoftware.com Determining Your PSQL Engine Version Last Updated: 12/18/2018 It is very common for people to know that they are using the Btrieve or Pervasive PSQL, or Actian Zen database engine, but to not know exactly which version they are using. Moreover, the list of related files is often a mystery, especially for older versions, and some users are simply without a clue as to what modules are part of the database and what are not. This paper was created so that someone could locate the PSQL-related files on their workstation or server and determine the exact version, including user count, where appropriate. NetWare Server Engines With NetWare servers, it is possible to have any version of Btrieve from 5.x all the way through Pervasive PSQL v9. Many users see the version reported from BREQUEST and assume that this is their Btrieve version -- it just isn't so! You must query the server to determine exactly which version of BTRIEVE.NLM you have. On older versions of NetWare, you can do this with the "MODULES" command, which lists all the loaded modules on the server. Then, watch for the BTRIEVE.NLM to scroll by. For NetWare 4.11 and above, you can use the command "MODULES BTR*" to list only those modules that start with "BTR", which will save some searching. With the release of Pervasive.SQL 7, Pervasive Software started including the SQL engine "in the box" with the Btrieve engine.
    [Show full text]
  • Btrieve Data File Maintenance
    Btrieve Data File Maintenance A White Paper From For more information, see our web site at http://www.goldstarsoftware.com Btrieve Data File Maintenance Last Updated 04/07/2010 Btrieve data files do not require periodic maintenance, unlike some of the more administration-intensive database products out there. In fact, the majority of Btrieve files sit happily for their entire lives without ever having to be touched outside of the program that creates and accesses them. As a result, using BUTIL or some of the other utilities is relegated to the programmers in the world, since these are the people who can benefit most by their use. In fact, there are only two cases where file maintenance for a normally-running Btrieve database may be required. First, if the developer makes a change to the application that requires changing the size of the record in a file, a manual BUTIL rebuild process may be utilized. Oftentimes, the developer will create a version upgrade utility, or some other process to perform this function automatically. If this is done from the workstation, however, a long time may be needed to convert large files. It may be desirable to manually perform the process from the server instead. Second, if a database is very large and the application purges (deletes) a large number of records, you may wish to give some of the newly freed up storage space back to the operating system. This is important because Btrieve does not release empty data pages back to the operating system -- it just marks them as free pages for future use by the engine.
    [Show full text]
  • Btrieve Developer's Journal, Call Responsible for Getting BDJ out to You, and I Carolyn Lighty, Advertising Manager, at (800) Don’T Have Room to Thank Them All
    Btrieve® Winter 1995 Developers Journal Vol. III No. 4 THE INDEPENDENTSpecial Feature: SOURCE OF NEWS AND INFORMATION ABOUT BTRIEVE AND SCALABLE SQL DevelopmentSurfing Tools in Roundup January: Hot Destinations for Developers on the Web BTI AND OTHER SOFTWARE VENDORS TURN TO THE INTERNET TO GET THE WORD OUT Appearance of these web pages, like the applications of Btrieve itself, ranges By Jim Kyle, News Editor Btrieve Technologies Inc. created a web from deceptively simple to extremely page, in addition to its support forum on complicated. A few sites, such as that of For the past several months, its been CompuServe. A number of other firms did BTI, provide magnificently detailed almost impossible to pick up any the same. When we began surveying the graphics. Unfortunately, the more publication (technical or otherwise) net to see how many Btrieve-related sites complex the graphic that finally appears, without finding at least one article dealing we could locate, most of the names best- the longer the time required to download with the information superhighway. It known to Btrieve users and developers the data so you can see it! Some of the appears that The Internet has surpassed popped out immediately. more striking pages, such as that from even client/server as the buzzword of The three dozen or so sites in the the Canadian consulting firm ThinkNet, the year! accompanying list almost certainly form show an awareness of this fact; they Well, we at the Journal are no only a sample of those in existence. Weve combine relatively simple graphic exception to this rule.
    [Show full text]
  • Pervasive.SQL User's Guide
    Pervasive.SQL 2000i Pervasive.SQL User’s Guide Guide to Using Pervasive.SQL Pervasive Software, Inc. 12365 Riata Trace Parkway Building II Austin, TX 78727 USA Telephone: +1 512 231 6000 or 800 287 4383 Fax: +1 512 231 6010 E-Mail: [email protected] Web: http://www.pervasive.com disclaimer PERVASIVE SOFTWARE INC. LICENSES THE SOFTWARE AND DOCUMENTATION PRODUCT TO YOU OR YOUR COMPANY SOLELY ON AN “AS IS” BASIS AND SOLELY IN ACCORDANCE WITH THE TERMS AND CONDITIONS OF THE ACCOMPANYING LICENSE AGREEMENT. PERVASIVE SOFTWARE INC. MAKES NO OTHER WARRANTIES WHATSOEVER, EITHER EXPRESS OR IMPLIED, REGARDING THE SOFTWARE OR THE CONTENT OF THE DOCUMENTATION; PERVASIVE SOFTWARE INC. HEREBY EXPRESSLY STATES AND YOU OR YOUR COMPANY ACKNOWLEDGES THAT PERVASIVE SOFTWARE INC. DOES NOT MAKE ANY WARRANTIES, INCLUDING, FOR EXAMPLE, WITH RESPECT TO MERCHANTABILITY, TITLE, OR FITNESS FOR ANY PARTICULAR PURPOSE OR ARISING FROM COURSE OF DEALING OR USAGE OF TRADE, AMONG OTHERS. trademarks Btrieve, Tango, Client/Server in a Box, and the Pervasive Software logo are registered trademarks of Pervasive Software Inc. Built on Pervasive, Built on Pervasive Software, Extranet in a Box, Pervasive.SQL, Jtrieve, Plug n’ Play Databases, SmartScout, Solution Network, Ultra-light Z-DBA, Z-DBA, ZDBA, UltraLight, MicroKernel Database Engine, and MicroKernel Database Architecture are trademarks of Pervasive Software Inc. Microsoft, MS-DOS, Windows, Windows NT, Win32, Win32s, and Visual Basic are registered trademarks of Microsoft Corporation. Windows 95 is a trademark of Microsoft Corporation. NetWare and Novell are registered trademarks of Novell, Inc. NetWare Loadable Module, NLM, Novell DOS, Transaction Tracking System, and TTS are trademarks of Novell, Inc.
    [Show full text]
  • Btrieve Error Codes 3000 - 3099 ← Pervasive PSQL Microkernel Router Status Codes
    Btrieve Error Codes 3000 - 3099 ← Pervasive PSQL MicroKernel Router Status Codes This section lists the status codes you can receive from the MicroKernel router, which receives requests from the Btrieve requesters and routes them to the correct version of the MicroKernel. 3000: The MicroKernel router encountered a memory allocation error The MicroKernel router could not internally allocate memory. Check the Pervasive Event Log (PVSW.LOG) for more information. 3001: Local access is unavailable to the MicroKernel router A call to the MicroKernel failed. This is most likely the result of an incorrect configuration. For example, if the MicroKernel is unavailable because of configuration settings and the file to be opened is local, then the MicroKernel router returns this status code. 3002: The MicroKernel router resource DLL is unavailable The MicroKernel resource DLL is either missing or incompatible with the current version of the router. If this happens, the MicroKernel reverts to its default settings and continues to run. Check the Pervasive Event Log (PVSW.LOG) for more information. 3003: The MicroKernel router detected an incompatible network component The networking services component is not compatible with this version of the MicroKernel router. The most likely cause is that the Networking services DLL has been replaced by an older version. Check the Pervasive Event Log (PVSW.LOG) for more information. 3004: The MicroKernel is not responding to the MicroKernel router The MicroKernel is not responding to requests from the MicroKernel router. Verify that the MicroKernel is running. 3005: The MicroKernel router encountered an operating system error The MicroKernel router encountered an unexpected error from the operating system, such as a shared memory failure.
    [Show full text]
  • Entering Your Pervasive PSQL V8/V9 Database Engine License
    Entering Your Pervasive PSQL V8/v9 Database Engine License A White Paper From For more information, see our web site at http://www.goldstarsoftware.com Entering Your Pervasive PSQL V8/v9 Database License Last Updated: 12/18/2018 The Pervasive database engine is licensed via an electronic license key which is provided with the engine license. For versions 8.x and 9.x, this license is a 24-character (text) keycode that contains information about the product version, platform, and user count. In order to be properly recognized by your system, the license key must be provided to the software. This is done via the License Administrator tool. Using the GUI License Administrator To use the graphical License Administrator tool, follow these simple steps: 1) Go to the physical server itself. Please note that you can NOT do the install or basic management processes from a Remote Desktop (RDP) or Terminal Services session. 2) On the server, select Start/All Programs/Pervasive/Other Utilities/License Administrator. The following box will appear. 3) Enter your license keycode into the 4 boxes provided (each of 6 characters). 4) Click on Apply License Key to enter your license key. You should receive a message about the license being applied successfully, and the License Administrator should show the new license. Using the Command Line License Administrator To use the graphical License Administrator tool, follow these simple steps: 1) Go to the physical server itself. Please note that you can NOT do the install or basic management processes from a Remote Desktop (RDP) or Terminal Services session.
    [Show full text]
  • PSQL Brochure
    CRAZY FAST NEARLY UNBREAKABLE NO DBA REQUIRED VMOTION READY ADO.NET ACCESS Now fully cross-platform with Mac OSX support! Actian (Pervasive) PSQL is one of the most reliable, low maintenance, high- performance database management systems in the world. The v12 Server, Vx Server, and Workgroup editions keep users up-to-date version with new capabilities for boosting performance, supporting mobile cloud computing, expanding into global markets. All of this while serving both traditional and virtual users and keeping the focus on zero DBA, ease of use, and high productivity. KEY BENEFITS Boost database performance › Online data defragmenting Busy databases can develop data fragmentation, slowing access and to boost performance response times. The new self-service v12 Defragmenter lets you find fragmented files and fix them to maintain performance. Defragmenter › Live migration on works with the database online, so you can use it without disrupting all editions operations or customer access to applications and data. › Fewer failed license validations Before and after defragmentation › Split-second reports Here are the results of a test of a heavily used file of 2.5M records, before and queries and after defragmenting. › Data analytics and Defragmenting provides faster reports integration and benefits for storage, backup, and data capacity licensing. › More globalisation support › Data-only licensing for Vx Server Live migration of any virtual machine › Simplified installation Live migration in Vx Server has been extended to PSQL v12 Server and Backward compatibility Workgroup. Now all PSQL v12 virtual machine users can make more hardware and configuration changes without invalidating their license, delivering greater flexibility in cloud and virtualised operations.
    [Show full text]
  • Registering Netware Btrieve with the Novell Directory Services
    Btrieve Installation and Operation December 21, 1999 Novell Confidential doc_tpl.fm Rev 99a 28 October 99 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. This product may require export authorization from the U.S. Department of Commerce prior to exporting from the U.S. or Canada. Copyright © 1993-2000 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. U.S. Patent Nos. 4,555,775; 5,157,663; 5,349,642; 5,455,932; 5,553,139; 5,553,143; 5,594,863; 5,608,903; 5,633,931; 5,652,854; 5,671,414; 5,677,851; 5,692,129; 5,758,069; 5,758,344; 5,761,499; 5,781,724; 5,781,733; 5,784,560; 5,787,439; 5,818,936; 5,828,882; 5,832,275; 5,832,483; 5,832,487; 5,859,978; 5,870,739; 5,873,079; 5,878,415; 5,884,304; 5,893,118; 5,903,650; 5,905,860; 5,913,025; 5,915,253; 5,925,108; 5,933,503; 5,933,826; 5,946,467; 5,956,718; 5,974,474.
    [Show full text]