Novell Audit 2.0 can be installed on Solaris 8, 9, and 10.
Solaris 8 requires GCC 3.3 and zlib 1.2.3 to function as a Secure Logging Server. Without GCC3.3, applications fail to authenticate to the logging server. The resulting error in nproduct.log is Failed SSL Handshake.
IMPORTANT:When you install the full version of Novell Audit, the license file (*.nlf) is installed with the product and the product is automatically activated; that is, you can configure all the product channels and instrumentations.
If you install the Novell Audit Starter Pack, the product is not licensed and you have only limited functionality. If you want to upgrade to the full version, you must purchase a product license. For more information on activating the full version of Novell Audit, see Section 5.5, Activating Novell Audit.
To install Novell Audit on Solaris:
Log in as root on the host.
Insert the CD into the drive.
If the Volume Manager (vold) is running on your system, the CD is automatically mounted as /cdrom/CDROM.
(Optional) If the Volume Manager is not running on your system, complete the following steps to mount the CD:
Determine the name of the device by entering the following command:
ls -al /dev/sr* |awk '{print "/" $11}'
Enter the following commands to mount the CD-ROM:
mkdir -p /cdrom/CDROM
mount -F hsfs -o ro device_name /cdrom/CDROM
Enter the following command to go to the directory for the Novell Audit Solaris install:
cd /cdrom/CDROM/Solaris
From the setup directory for the Novell Audit Solaris install, enter the following command at the Solaris console to begin the installation:
./pinstall.sol
If you receive a Permission Denied error when attempting to execute the install script, you might need to grant execute rights to pinstall.lin by running chmod 755 pinstall.sol.
Accept the license agreement.
Select your install options.
Option |
Description |
---|---|
Platform Agent |
Installs the Novell Audit Platform Agent (liblogevent.so) and the Log Parser (logparse). The Platform Agent must be installed on any server that you want to report events. |
eDirectory Instrumentation Files with Platform Agent |
Installs the eDirectory Instrumentation (libauditDS.so), the Platform Agent (liblogevent.so), and the Log Parser (logparse). The eDirectory instrumentation must be installed on any server that you want to report eDirectory events. This option automatically installs the Platform Agent, regardless of whether the Platform Agent option is selected. |
Extend Schema |
Adds the Novell Audit schema extensions to eDirectory. NOTE:If you select only this option, you are returned to the Linux console after the eDirectory schema is extended. |
Novell Audit Secure Logging Server |
Installs the Novell Audit Secure Logging Server (lengine), the Novell Audit eDirectory Instrumentation (libauditDS.so), the Platform Agent (liblogevent.so), the Log Parser (logparse), and adds the Novell Audit 2.0 schema extensions to eDirectory. The Secure Logging Server securely receives reported events. NOTE:If you want more than one Secure Logging Server in the tree, we recommend that you create separate eDirectory organizational units as containers for each Secure Logging Server’s configuration objects. For more information, see Section 7.2, Configuring Multiple Secure Logging Servers. |
To add the Novell Audit schema extensions, enter the user name and password of an administrator with rights to the root of the eDirectory tree. This logs you into the AuditExt utility.
If the admin object is not in the same context as the current server, you must use the object’s fully distinguished name (for example, .Admin.Accounts.Finance.YourCo).
After logging in to AuditExt, select from the following options:
AuditExt Options |
Action |
---|---|
Add Schema Extensions |
Adds the Novell Audit 2.0 schema objects. IMPORTANT:This does not destroy or overwrite any objects in your current eDirectory tree. |
Remove Schema Extensions |
Removes all Novell Audit schema extensions from the eDirectory tree. This option is required to uninstall Novell Audit. WARNING:This option deletes all existing Novell Audit objects from eDirectory. |
Configure This Server |
Configures the Secure Logging Server. Depending on the installation, it performs one of the following actions:
If you choose to configure the Secure Logging Server, you are prompted as follows:
For additional configuration information, see Section 7.0, Configuring the Secure Logging Server. |
Exit AuditExt |
Closes the AuditExt utility. |
When finished, select
.When the installation is complete, the Secure Logging Server automatically launches.
Choose if you want to load the Platform Agent.
If you select logevent.conf).
, you are asked if you want to overwrite the pre-existing Platform Agent configuration file (For more information on logevent.conf,
see Logevent
in
the Novell
Audit 2.0 Administration Guide.
Choose if you want to load the eDirectory Instrumentation.
Novell Audit adds the following command to the ndsmodules.conf file to automatically load the eDirectory Instrumentation with eDirectory:
auditDS auto #NSure Audit Platform Agent
NOTE:On eDirectory 8.7, the path to the ndsmodules.conf file is /usr/lib/nds-modules/ndsmodules.conf. On eDirectory 8.8, the path is /etc/opt/novell/eDirectory/nds-modules/ndsmodules.conf.
Remove this command if you do not want the eDirectory instrumentation to automatically load.
To manually start the eDirectory instrumentation, enter:
ndstrace -c “load auditDS”
After you install Novell Audit, iManager 2.0 or above detects that you have a new plug-in and prompts you to install it. For instructions on installing the plug-in, see Section 6.0, Installing the Novell Audit iManager Plug-In.
When the installation is complete, the Secure Logging Server automatically launches, and the following command is added to /etc/init.d/naudit to automatically load the eDirectory instrumentation with eDirectory:
ndstrace -c "load auditDS"
Remove this command if you do not want the eDirectory instrumentation to automatically load.
To manually start the eDirectory instrumentation, run the following command from the Solaris console:
ndstrace -c "load auditDS"