UNIX Remote Agent can be Installed on Solaris 10 Sparse Local Zones

The UNIX Remote Agent has been enhanced to support installation on Solaris Zones where the /usr filesystem is inherited from the Global Zone. Full root zones have been supported throughout the availability of r12.0 and r12.5.

Installing the UNIX Remote Agent on a zone with an inherited /usr requires a symbolic link named "uxsautil" in the Global Zone's /usr/bin directory. This link must point to the "uxsautil" binary installed with the Remote Agent, so we recommend that you install this agent in the Global Zone before the non-Global Zone, using identical installation paths.

You can also create the Global Zone symbolic link manually. Ensure that it points to the install location that will be used in the non-Global Zone. For example, using the default install location, you would enter:

ln -s /opt/CA/IdentityManager/ProvisioningUnixAgent/bin/uxsautil /usr/bin/uxsautil

If the UNIX Remote Agent is intended to be used in a sparse zone and run with the CAM service as a non-root user, manual configuration is required. Because /usr/bin/uxsautil is inherited from the global zone, so are its file ownership permissions. These must be configured to match within the sparse zone: the "cam" user and group need to match in both zones.

  1. In the global zone with the UNIX Remote Agent installed find the User Id (uid) of the "cam" user, and the Group Id (gid) of the "cam" group.
  2. In the sparse zone, add the user and group manually:
    - groupadd -g <gid> cam
    - useradd -u <uid> -g <gid> cam

    Note: Ensure that the cam user's home directory is a valid path. The user account will be used during the Remote Agent installation process.

  3. Install the UNIX Remote Agent with "CAM as a non root user" enabled.
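
The following check is an added example, not part of the original documentation or the agent's own tooling: it confirms that the "cam" uid and gid found in step 1 match the entries created in step 2, so it can be run before step 3. The function names are hypothetical, the sample passwd and group entries are constructed, and reading the sparse zone's files from the global zone at <zonepath>/root/etc is an assumption to adjust for your system.

```shell
#!/bin/sh
# Added example; the function names here are hypothetical, not agent tooling.

# Print the numeric ID (field 3) of NAME from a passwd- or group-format file.
lookup_id() {
    sed -n "s/^$2:[^:]*:\([0-9][0-9]*\):.*/\1/p" "$1" | head -n 1
}

# Compare cam's uid or gid between the global-zone and sparse-zone file.
# Returns 0 on a match, 1 on a missing entry or a mismatch.
compare_id() {
    kind=$1; global_file=$2; zone_file=$3
    g=$(lookup_id "$global_file" cam)
    z=$(lookup_id "$zone_file" cam)
    if [ -z "$g" ]; then echo "cam $kind: missing in global zone"; return 1; fi
    if [ -z "$z" ]; then echo "cam $kind: missing in sparse zone"; return 1; fi
    if [ "$g" != "$z" ]; then
        echo "cam $kind: global=$g sparse=$z MISMATCH"
        return 1
    fi
    echo "cam $kind: $g matches"
}

# check_cam_ids GLOBAL_ETC ZONE_ETC (each directory holds passwd and group).
check_cam_ids() {
    rc=0
    compare_id uid "$1/passwd" "$2/passwd" || rc=1
    compare_id gid "$1/group" "$2/group" || rc=1
    return $rc
}

# Constructed sample data (not from a real system): the sparse zone's cam
# user was created without -u and received uid 100 instead of 301.
make_sample() {
    mkdir -p "$1/global" "$1/sparse"
    echo 'cam:x:301:301::/export/home/cam:/bin/sh' > "$1/global/passwd"
    echo 'cam::301:' > "$1/global/group"
    echo 'cam:x:100:301::/export/home/cam:/bin/sh' > "$1/sparse/passwd"
    echo 'cam::301:' > "$1/sparse/group"
}

# Two arguments: check real directories. No arguments: run the sample.
if [ $# -eq 2 ]; then
    check_cam_ids "$1" "$2"
else
    tmp=$(mktemp -d) && make_sample "$tmp"
    check_cam_ids "$tmp/global" "$tmp/sparse" || echo "fix the IDs before step 3"
    rm -rf "$tmp"
fi
```

A mismatch matters because the inherited /usr/bin/uxsautil carries the global zone's numeric owner and group, which the sparse zone resolves against its own passwd and group files.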

Because the "cam" user and group were created manually, they must also be deleted manually if the Remote Agent is uninstalled. The Remote Agent is written to remove accounts it added, but it cannot distinguish a manually created service account from a potential user.