18.3 Configuring the Secure Logging Server Using iManager

If you use iManager on a Novell Open Enterprise Suite (OES) server, the Audit plug-in for iManager is already installed. Otherwise, download and install the Novell Audit plug-in from the Novell Web site.

This section contains the following information:

18.3.1 Logging Events to the Appropriate Channel

  1. Log in to iManager.

  2. Select Auditing and Logging > Logging Server Options.

  3. Browse and select the logging server installed in the tree. It is typically located under Root > Logging Services > Server_Name > Logging Server.

  4. Click General.

  5. In the Log Channel field under the Configuration section, browse and select the required channel. For example:

    For files: File.Channels.Logging Services

    For MySQL: MySQL. Channels.Logging Services

  6. Click Channels.

  7. Select the required channel and edit the channel information to provide information about where the events are logged.

  8. Click Apply.

18.3.2 Reconfiguring Secure Logging Server with the SecureLogin Audit Schema

  1. Click Log Applications.

  2. Select the Applications check box.

  3. Select New Log Application.

  4. Type SecureLogin in the Application field.

  5. Browse to the SecureLogin.lsc file available in SecureLogin\Tools directory in the SecureLogin installer package.

  6. Click OK.

  7. On the General tab, select Summary and verify all the configuration settings.

  8. Click Apply.

18.3.3 Setting SecureLogin Preferences

To enable logging from SecureLogin, set the following preferences:

  1. Access the Administrative Management utility.

    For more information on how to access the Administrative Management utility see Section 1.2, Starting the Administrative Management Utilities and Section 1.3, Accessing the Single Sign-On Plug-In Through iManager.

  2. Click Preferences.

  3. In General Preferences, set the value of Enable Logging to Novell Audit to Yes.

  4. Click Apply.

    The following events are logged:

    Event ID 00330001: SSO AuditEvent Script Command
    Event ID 00330002: SSO Client Started
    Event ID 00330003: SSO Client Exited
    Event ID 00330004: SSO Client Activated By User
    Event ID 00330005: SSO Client Deactivated By User
    Event ID 00330006: Password Provided By A Script
    Event ID 00330007: Password Changed by the user in response to a ChagePassword command
    Event ID 00330008: Password Changed automatically in response to a ChagePassword command