The UNAB parameters file contains installation parameters that you can customize for your requirements.
This file has the following format:
Specifies whether to keep time stamped backups of the audit file.
Note: Set the value to yes if you want to send audit data to the Distribution Server. If you set the value to yes, CA ControlMinder backs up the audit file when it reaches the size limit specified by the audit_size configuration settings and time stamps the file. This ensures that all audit data is available to the Report Agent.
Limits: yes, no
Default: no
Defines the container name in the Active Directory under which the UNIX computer is registered.
Default: cn=Computers
Specifies the Distribution Server host name.
Limits: any valid host name.
Default: none
Specifies the Distribution Server port number.
Limits: SSL: 7243, TCP: 7222
Default: 7243
Specifies the Distribution Server communication protocol.
Limits: tcp, ssl
Default: ssl
Specifies whether the Report Agent sends endpoint audit data to the Distribution Server. This lets you integrate with CA User Activity Reporting.
Note: If you set the value to yes, set CA ControlMinder to keep audit backups (AUDIT_BK=yes).
Limits: yes, no
Default: no
Defines the name of the Active Directory container that holds the definitions of UNIX groups.
Specifies which Active Directory Domain Controllers UNAB ignores when establishing LDAP connection.
Note: You can specify Domain Controllers from both the current and trusted domains.
Limits: none, comma separated list
Default: none
Specifies which Active Directory domains UNAB ignores when querying for users and groups.
Limits: none, UNAB queries the current and all trusted domains; all, UNAB queries only the current domain; a comma separated list of domains to ignore
Default: none
Specifies the user containers to ignore when searching Active Directory.
Containers are defined by their distinguished names (DN) separated by semicolon. If the container DN does not contain domains names, it is applied to all queried domains.
Limits: list of container DN separated by semicolon, none
Default: none
Specifies the group containers to ignore when searching Active Directory.
Containers are defined by their distinguished names (DN) separated by semicolon. If the container DN does not contain domains names, it is applied to all queried domains.
Limits: list of container DN separated by semicolon, none
Default: none
Specifies the UNAB integration mode.
Limits: 1, partial integration; 2, full integration
Default: 2
(Linux s390) Specifies the full pathname to the installed Java environment, depending on the Java version and operating system.
Specify this parameter only if the Java environment is not installed in the default location. If the Java environment is installed in the default location, the installation program sets the value of this parameter.
Specifies the installation language.
Specifies the license acceptance command.
Specifies the login policy usage options.
Limits: yes, use UNAB policy and local login file, no, use UNAB login policy only.
Default: no
Specifies the Active Directory Domain Controllers (DCs) to establish LDAP connection with.
Note: You can specify DCs from both the current and trusted domains. If you specify the DCs to use, UNAB retrieves the list of DCs from Active Directory. If you do not specify the DCs to use, UNAB discovers the Active Directory site that is closest to the physical location of the endpoint and communicates with DCs in the discovered site.
Limits: none, comma separated list.
Default: none
Defines the name or IP address of the Network Time Protocol (NTP) server.
Specify the shared secret that the Report Agent uses to authenticate against the Distribution Server.
Limits: Any valid string.
Default: none
Note: You must specify the same shared secret that you defined when you installed the Distribution Server.
Specifies the name of the queue that snapshots are sent to.
Limits: A string representing the queue name.
Default: queue/snapshots
Defines when the Report Agent generates reports and sends them to the Distribution Server.
This token uses the following format: time@day[,day2] [...]
Default: 00:00@Sun,Mon,Tue,Wed,Thu,Fri,Sat
Specifies whether to rename the Kerberos ticket that was generated during user login.
Note: Use this option to support SSO login if the user Kerberos ticket name consists of random strings.When enabled this token the script /etc/profile.d/uxauth_rename_krb_tkt.sh renames the user ticket and set the corresponding value of environment variable KRB5CCNAME.
Limits: yes, no
Default: no
Specifies whether UNAB supports Kerberos-based Single Sign On (SSO)
Limits: yes, no
Default: no
Specifies whether UNAB synchronizes system time with an NTP (Network Time Protocol) server.
Note: If you set this value to yes, you must specify a value for the NTP_SRV token. If you set this value to no, UNAB uses the UNIX mechanism for system time that is defined in /etc/ntp.conf.
Limits: yes, no
Default: no
Defines the Active Directory container name holding the definitions of UNIX users.
Defines the user name of the Active Directory administrator.
Defines the account password of the Active Directory administrator.
Defines the domain that the UNIX computer is part of.
Specifies whether to execute the uxconsole -register command during installation.
Limits: yes, no
Default: no
Note: The uxconsole -register command registers the UNIX computer in the Active Directory server under the Computers container.
Specifies whether to start UNAB daemon at the end of the installation process.
Limits: yes, no
Default:yes
Defines the name of the Active Directory server.
Defines the verbosity level.
Limits: 0-7
Copyright © 2013 CA Technologies.
All rights reserved.
|
|