ibm tivoli access manager for operating...
TRANSCRIPT
"b
Z9C>JO0d'VDz7.0,kDAZ 25 3DZ 6 B, :yw;PDE"#
Z;f,(2003 j 11 B)
>f>JCZ IBM Tivoli Access Manager for Operating Systems V5.1(z7E:5698-PDO)0yPsx"PfM^)
f,1=ZBf>PmPyw*9#
© Copyright International Business Machines Corporation 2000, 2003. All rights reserved.
?<
m . . . . . . . . . . . . . . . . . v
0T . . . . . . . . . . . . . . . . vii>D5DA_ . . . . . . . . . . . . . . vii>D5DZ] . . . . . . . . . . . . . . viivfo . . . . . . . . . . . . . . . . viii
Tivoli Access Manager for Operating Systems b viiiX8vfo . . . . . . . . . . . . . viii`Xvfo . . . . . . . . . . . . . viiiX(Z=(DE" . . . . . . . . . . . ixZ_CJvfo . . . . . . . . . . . . ix
(z!n . . . . . . . . . . . . . . . ix*5M''V . . . . . . . . . . . . . . ix>iP9CD<( . . . . . . . . . . . . . x
Ve<( . . . . . . . . . . . . . . . x
Z 1 B XZ>"Pf . . . . . . . . . 1IBXDlYt/_T#i . . . . . . . . . . 2'VPO . . . . . . . . . . . . . . . . 3
Z 2 B 20M}65w . . . . . . . . 520 Tivoli Access Manager for Operating Systems D
2~*s . . . . . . . . . . . . . . . . 5'VDYw536pMyhD9!Lr . . . . . . 6205w . . . . . . . . . . . . . . . . 8
Tivoli Enterprise Console M Tivoli Risk Manager'V . . . . . . . . . . . . . . . . 9Tivoli Risk Manager 4.2 /I'V . . . . . . 9ISMP/zSeries:20K Java <B ISMP 20Rp . 9ISMP:Z6X'\s,D~ uninstall.jar {'. . . 9ISMP/AIX:v/u/f . . . . . . . . . . 9ISMP/Solaris:t/ ISMP 1vV0R;=Ve1
ms . . . . . . . . . . . . . . . . 10ISMP/Solaris:76{PfZ # <B20'\ . . 10ISMP/Solaris:Z Solaris O;'VI!20?< 10ISMP/Solaris:Z Solaris 7 zwO201 ISMP '
\ . . . . . . . . . . . . . . . . 10}65w . . . . . . . . . . . . . . . 10
Z}61,**fe8>420 GSKit . . . . 11
Z 3 B Q*JbMd(=( . . . . . . 13AIX 53Zf9CJDv$ . . . . . . . . . 13AIX NIS Client M Tivoli Access Manager forOperating Systems t/3r . . . . . . . . . 13
Z HACMP for AIX 53OKPD"bBn . . . . 13m^G<P*Z AIX 53O;, . . . . . . . 131 AIX OD root C'4P\k|D1,;li\k
_T . . . . . . . . . . . . . . . . . 14s?0kD HP-UX 53DUdms . . . . . . 141 pdostecd +B~"M= Tivoli Enterprise ConsoleV3.8 B~~qw1,U>D~JdwKD*"=
Solaris O . . . . . . . . . . . . . . . 14ZV"Zd;\}%U>D~Jdw . . . . . . 14KP Solaris 8 D SPARCstation-5 ODKP1Jb 14U>7IwOgSJ~(@DmsX7;wCms{
" . . . . . . . . . . . . . . . . . 15g{J~~qw1zr_;\,S,B~I\a*' 15Nq;+ Tivoli Access Manager \m1\kS\ . . 15Z%w0ZXU4%s,;\Z Windows =(OX!
w5 . . . . . . . . . . . . . . . . . 15Z osseal-admin P^ root DivB4P PDOS Nq 15dCZdxPD_T|BI\<Bms . . . . . 16;sF AIX 53O'\D\k|D . . . . . . 17Z Linux 53OI9C mv |nT\X|{mI(#
$DD~xPX|{ . . . . . . . . . . . 17Z9C NFS V2 D Solaris 53O;5)_T . . . 170P rexec/remsh D HP-UX OD Tivoli AccessManager for Operating Systems G<n/_T . . . 17Z AIX 53O20/dC.sT CDE A;xxPb
xDJb . . . . . . . . . . . . . . . 179C $HOME/.rhosts M /etc/hosts.equiv D TivoliAccess Manager for Operating Systems G<n/_T . 18pdosexempt |nDV^ . . . . . . . . . . 18C4,$V'I1Di{;xVs!4 . . . . . 18CZli$iDJb7(5CLr . . . . . . . 19;'VDZ(fr . . . . . . . . . . . . 19
Z 4 B D55w . . . . . . . . . . 21Web >cOk Tivoli Access Manager for OperatingSystems D5;pa)D Tivoli Access Manager D5 21
Z 5 B zJ/5w . . . . . . . . . 23;c5w . . . . . . . . . . . . . . . 23
Setup TEC Event Server for PDOS Nqjb . . 23
Z 6 B yw . . . . . . . . . . . . 25Lj . . . . . . . . . . . . . . . . . 26
© Copyright IBM Corp. 2000, 2003 iii
m
1. Ve<( . . . . . . . . . . . . . . x2. Zf*s . . . . . . . . . . . . . . 5
3. 20DELUd*s . . . . . . . . . . 54. 'VDYw536pMyhD9!Lr . . . . 6
© Copyright IBM Corp. 2000, 2003 v
0T
IBM Tivoli Access Manager for Operating Systems a)K}>zYw53ya)DZ
(_T.bD;cZ(_T5)#6IBM Tivoli Access Manager for Operating Systems
"P5w7a)K>z7"PfPxPD|DDEv#>D52a)Kz7D5P;
}7Dr1YDE"#|9hvKz7DnUbTZdv=DNNQ*JbDd(=
(#
>^)D5PDE"+!zz7D5rz7>mPDE"#
>D5DA_
>D5CZ_8TBwbD;)*6D53\m1:
v UNIX® Yw53
v xJ-i,|( HTTP"TCP/IP"FTP"Telnet M SSL
v 2+\m
v ?<~q
v O$
v Z(
v IBM Tivoli Access Manager
53\m1I\uCPCD9dE"|,TBwbD*6:
v Tivoli Management Environment® y!=(
v Tivoli Distributed Monitoring
v Tivoli Enterprise Console®
v Tivoli Risk Manager
v Tivoli Security Manager
v Tivoli User Administration
>D5DZ]
6IBM Tivoli Access Manager for Operating Systems "P5w7|,TBBZ:
v Z 1 3DZ 1 B, :XZ>"Pf;
i\ Tivoli Access Manager for Operating Systems 0d&\#
v Z 5 3DZ 2 B, :20M}65w;
hv20 Tivoli Access Manager for Operating Systems Dm2~Hvu~#,1a
)K20r}6VP20D"bBn#
v Z 13 3DZ 3 B, :Q*JbMd(=(;
hv Tivoli Access Manager for Operating Systems bT}LPv=DNNV^rJ
b(|G4\ZCz7DnUf>P^})T0NNQ*Dd(=(#
v Z 21 3DZ 4 B, :D55w;
© Copyright IBM Corp. 2000, 2003 vii
hvkz7;pa)DD5PDNNmsrE)#
v Z 23 3DZ 5 B, :zJ/5w;
hv Tivoli Access Manager for Operating Systems DzJ/f>DbT}LPv=
DNNV^rJb(|G4\Zz7DnUf>P^})T0NNQ*Dd(=
(#
vfo
kDA Tivoli Access Manager for Operating Systems b"X8vfo0`XvfoD
hv,T7(D>vfoI\TzPoz#7(Kh*DvfoTs,kN<Z_C
JvfoD8>E"#
Tivoli Access Manager for Operating Systems bTBD5ITZ Tivoli Access Manager for Operating Systems bPq!:
v 6IBM Tivoli Access Manager for Operating Systems \m8O7,S152-0571
hv9C Tivoli Access Manager for Operating Systems DEnM}L#a)KS|
nPMS Tivoli @f4P\mNq,T0sF"9C|nMk IBM Tivoli Enterprise
Console T0 IBM Tivoli Risk Manager /ID8>E"#
v 6IBM Tivoli Access Manager for Operating Systems 208O7,S152-0190
hvgN20"dC"}6M6X Tivoli Access Manager for Operating Systems#
v 6IBM Tivoli Access Manager for Operating Systems Jb7(8O7,S152-0179
a)XZJOE}"{"U>G<"zYU>G<Md|oO$_DE",T0X
Z Tivoli Access Manager for Operating Systems DN<E"9|,z7ms{"`
?#
v 6IBM Tivoli Access Manager for Operating Systems "P5w7,G152-0185
a)KXZ Tivoli Access Manager for Operating Systems DnBE"#
v 6IBM Tivoli Access Manager for Operating Systems kHDA7(,G152-0186
a)KXZ20M Tivoli Access Manager for Operating Systems 9CkEDE"#
X8vfo
*KP'X9C>iPDE",z*_8;)X8*6,b)*6ITSTBvfo
Pq!:
v 6IBM Tivoli Access Manager Base 208O7,G152-0303
v 6IBM Tivoli Access Manager Base \m8O7,S152-0807
v 6IBM Tivoli Access Manager for e-business "P5w7,G152-0805
`Xvfo
k Tivoli Access Manager for Operating Systems `XDE"IZTBvfoPq!:
v 6IBM Tivoli Access Manager for e-business T\w{8O7,S152-0812
a)CZI Tivoli Access Manager M(e*C'"amD IBM Directory Server i
ID73DT\w{E"#
v IBM Tivoli Access Manager for e-business Problem Determination Guide,SC32-1352
a)XZT Tivoli Access Manager 73xPJOoODE"#
viii IBM Tivoli Access Manager for Operating Systems: "P5w
v IBM Tivoli Access Manager Error Message Reference,SC32-1353
|, IBM Tivoli Access Manager "Tivoli Access Manager for Operating Systems M
Tivoli Access Manager Business Integration Dz7ms{"`?#
v IBM Tivoli Access Manager for e-business Command Message Reference,SC32-1354
a)XZ Tivoli Access Manager |n0d!nDE"#
v Tivoli Software Library a)wV Tivoli vfo,gW$i"}]m"]>"Redbooks
Myw/#ISTB Web >cq! Tivoli Software Library:
http://www.ibm.com/software/tivoli/library/#
v Tivoli Glossary |,m`k Tivoli m~`XD<uuoD(e#Tivoli Glossary ZT
B Web >cvT"oa):
http://www.ibm.com/software/tivoli/library/
X(Z=(DE"
IZ6IBM Tivoli Access Manager for Operating Systems 208O7M>D5PR=X
Z\'V=(DE"#
Z_CJvfo
IZTB>cD Tivoli Software Library PTIF2D5q=(PDF)M/r,D>j
GoT(HTML)q=q!>z7Dvfo:
http://www.ibm.com/software/tivoli/library
*ZbPR=z7vfo,k%wb3fs`D Product manuals 4S#;sZ Tivoli
m~E"PD3fOR="%wz7{#
z7vfo|("P5w"208O"C'8O"\m8O"Jb7(8OM*"_
N<s+#
":*7#\}7r! PDF vfo,kZ Adobe Acrobat0r!10Z(I(}%w
D~ → r!4T>C0Z)P!qJO3f4!r#
(z!n
(z!n&\ozG)mePO(}gP/;crS&O-)DC'I&X9Cm~
z7#PK>z7,zIT9C(z<uU}M/@gf#2IT9C|Lx;Gs
jYw<NC'gfDyP&\#
XZ|`E",kND=< D:(z!n;#
*5M''V
g{zTNN Tivoli z7PJb,Ik Tivoli M''V*5#kZTB Web >cN
D Customer Support Handbook:
http://www.tivoli.com/support/handbook/
CVaa)XZgNy]JbDOXT*5M''VDE","a)TBE":
v "aMJq
0T ix
v g0EkMgSJ~X7(!vZzyZDzRrXx)
v *5M''V0&U/DE"
>iP9CD<(
>iTXbuoMYw"@5ZYw53D|nM76T0_"<N9CKtI<
(#
Ve<(
>iP9CTBVe<(:
m 1. Ve<(
<( (e
VeV vVZD>PD!4Ms!4lOD|n"|n!nMj>,sbyT
VeVMT>#
<NC'gf*X(0ZMT0rDjb}b)M|{,2sbyTV
eVMT>#
1eV d?"Xka)D5"BuoT0?wDJMLo,sby,T1eV
MT>#
HmVM vVZ%@PPD|n"|n!nMj>,zk>}"dvM{"D
>,sbyTHmVMT>#
D~{M?<{"XkdkDD>V{.(1|GvVZD>P1)"
Java =({M`{T0 HTML M XML jG,2sbyTHmVMT
>#
x IBM Tivoli Access Manager for Operating Systems: "P5w
Z 1 B XZ>"Pf
IBM Tivoli Access Manager for Operating Systems V5.1 "Pf|(TBB&\Mv?:
v \'VDBDYw53:
– IBM AIX 5.2
– Sun Solaris Operating Environment 2.9
– SuSE Linux Desktop (SLD) 1.0 (IA32)
– United Linux 1.0 for IA32
– United Linux 1.0 for IBM zSeries(31 ;M 64 ;ZK)
– United Linux 1.0 for IBM iSeries and pSeries(64 ;ZK)
XZK"Pf'VD=(Dj{Pm,kNDZ 6 3Dm 4#
v C'6psF9z\;yZCJC'XFCZZ(v_DsFG<DzI"zYB
~#{CC'6psF,zIT(e_T,C_T8(D) UNIX C'r_ Tivoli
Access Manager iI1zICZZ(v_DsFG<T0D) UNIX C'zICZ
zYB~DsFG<#B\m|n pdosshowuser Jmz4=C'DwVtT,|
(P'sF6p#
v U>7IwX$xL(pdoslrd)a)KS Tivoli Access Manager for Operating
Systems sFU>PA!sFG<"}K"q=/}],;s(}gSJ~Q}]"
MA>XD~r\m1,r_"M=6L/Oc(4 Tivoli Access Manager (^~
qw pdacld)D&\#XFD~CZ8(?j(@MX*D}Kw#pdoslradm |
nC4XF pdoslrd U>7IwX$xLT0U>7IwdCD~PD(@D3)
=f#ITdC`( Tivoli Access Manager for Operating Systems zw+sF}]
"MA;vD~#;VB$_ pdoscollview 9z\;i4/OD~#
v yZCJmI(DsFJmyZkT\#$J44PDYwxP|8BDsFTc
xPZ(CJv_#K&\IozuYzIDsFG<}#+VMJ46pDsF
<'VC&\#
v Q-mSKBD+VsF6p:trace_exec_l M trace_exec_root,C4^FzID
TraceExec }]?#
v BD RootDir J4 /OSSEAL/branch/RootDir(dP RootDir GX|V)a)K(}
+GLPD ACL EZ UNIX y?<B4#$y?<(/)D&\#
v Tivoli Access Manager VZ\;4(",$`v2+r"R(};v policy server X
F|G#Q}6 Tivoli Access Manager for Operating Systems 0d5CLr4'V
CB&\#
v Access-Restrictions )9tTDq=Q-v?,IT'V+u?V`*\xrJmfr
DB=(#g{CZ4PYwD10KPLrkLr/P(eD3;Lr%d,G
4\xfrJmz8(\xCJ_4P8(Yw4CJ\#$J4D_T#;^F
9CLr/PPvDLr.;xPDCJ#g{CZ4PYwD10KPLr<;
GLr/PPvDLr,r\xu?;aTCJzzNN0l#byZJmyPd
|*9CDLr1\|]WX^FX(LrD9C#JmfrG1!D,"Ra)
kH0"PfP Access-Restrictions u?`,DP*,1Rv1CZ4PYwD10
KPLrkLr/PyPvD3;Lr%d1,EJmz(eZhCJ_T\#$
J4DCJ(T4P8(YwD_T#g{Jmu?&CZx(CJ,"R10K
© Copyright IBM Corp. 2000, 2003 1
PDLrku?Lr/PPvDLr.;%d,r\xCJ#Z`,DCJ_`M
Du?P,\xu?EHZJmu?#mSK;vBDmI(/5 *,C5Jmz(
e&CZ OSSEAL YwiP(eDyPI\YwDu?#
v g{h*,Tivoli Access Manager for Operating Systems InstallShield Multiplatform
20zkVZIZ20120}7D Java f>#20jI1,+}% Java zk#
v pdoscfg 5CLrQ)9K;vBD!n -hostname,C!n9z\;Z"a=
Tivoli Access Manager wz~qw18(wz{#=vBN}:-admin_name M
-admin_pwd,zfK1!D -sec_master \k,"R\;Czw78(\m1{
FM\k#
v IT9CBD pdoscfg !n -net_ACL_limited QxgJ4CJXF(ACL M
POP)DLP^FZ NetIncoming M NetOutgoing J4{FB#1!ivB,*Jm
CJXFLP,Tivoli Access Manager for Operating Systems <U*yZ TCP Dx
gCJwvZ(CJv_(494ZXFCJD NetIncoming M NetOutgoing J4B
(eNN_T)#tCTxgJ4DCJXFLPD^F+<Bw7DZ(li,b
VlivT NetIncoming M NetOutgoing J4{FB(eD_TXFDxgCJ"
z#g{Z NetIncoming M NetOutgoing J46pO;PNNTZ^FCJXFD_
T*s,rITtCK&\TZwvXZyZ TCP xgYwDCJv_1uY*z,
rK+a}T\#
v BD policyview 5CLra)S Tivoli Access Manager policy server +\#$T
s_Ti!=?D>D~(flat text file)PD&\#
v a)K;vBD>X!{dCE> /opt/pdos/sbin/pdosucfg_local,CE>ITZ
;Pr Tivoli Access Manager policy server !{"aD>XzwO,!{ Tivoli
Access Manager for Operating Systems V5.1 DdC#g{53\m1*Q-20"
dCK Tivoli Access Manager for Operating Systems D534(KK!,"F.9
CCK!420BD53,G4CE>GPCD#
v QSkKDxDms{"MBDJOoO=8,Sxv?KJb7(&\#
v dCKG<n/1,VZ'V*E=2+ Shell(sshd)w*Q6pDG<Lr#
v g{H0D\kG\m1|DD,r\k_T;YIZ MinPasswordDays D^Fx\
x\k|D#
v Q(};vBD!n -C v?K pdosrefresh |n,C!nCZ"B10>$_Y
:fPyPD>$#
v I E F c b ( T C B ) P S k K ; v B ` ,
Immune-Surrogate-Programs#Immune-Surrogate-Programs `\;(e;v;\yPz
m_T0lDLr#ZC`B"aDLr;\yPzm_TD0l,;\zmYw
GZ4P1d(r*LrG set UID r set GID Lr)4PD9GZKP1Zd(I
Z9C setuid()/setgid() 53wC)4PD#TI5)XF4PYw>mD Tivoli
Access Manager for Operating Systems _T#Immune-Surrogate-Programs `G
Secure-Programs `D)9,CZ4Z Secure-Programs PdV"aLrDiv#
IBXDlYt/_T#i
g`v=(*wVJ4`M8(CJmI(G;v4SRD1DNq#* UNIX 4(_
6DCJ_T*sP8DF.MbT#*Kgc:DJ4`MI&5VbV#$,z
Xk7P6ph*#$DTs"7(gNE\nCX5VbV#$#*Kozc{K
Yw,Tivoli m~*"K;)lYt/_T#i,ITBXb)#i#lYt/_T#
2 IBM Tivoli Access Manager for Operating Systems: "P5w
iozzlY(e_T0TJ4DCJXF#|G9a)KgN(e Tivoli Access
Manager for Operating Systems Z(_TDnQ>}#TBG10ITBXD#i:
v Access Manager for Operating Systems Fast Start Policy Module for UNIX
v Access Manager for Operating Systems Fast Start Policy Module for DB2
v Access Manager for Operating Systems Fast Start Policy Module for IHS
v Access Manager for Operating Systems Fast Start Policy Module for WAS
*BXlYt/_T#i:
1. = IBM >c http://www.ibm.com
2. Qw FSPM
3. !qzPK$DlYt/_T#i#
'VPO
TBPwnD'VQ-S>"PfP}%:
v 'V Red Hat Linux(yPf>)#bGIZ Linux D Red Hat f>PD|D#
v SuSE Linux Enterprise Server(SLES7)D'V
v 'V Tivoli @fNq,0+ TACF (F PDOS1
Z 1 B XZ>"Pf 3
Z 2 B 20M}65w
>Ba)K20 Tivoli Access Manager for Operating Systems XkzcD2~Mm~
*s#K&a)DE"+!z6Tivoli Access Manager for Operating Systems 208O7
Pa)DE"#
20 Tivoli Access Manager for Operating Systems D2~*s
Bma)K Tivoli Access Manager for Operating Systems zwDZf*s:
m 2. Zf*s
RAM n!5 128 MB
RAM Fv5 256 MB r|_
Tivoli Access Manager for Operating Systems 20|IBPm~z7iI:
v Tivoli Access Manager for Operating Systems
v Tivoli Access Manager Base
v IBM Global Security Kit(GSKit)
v IBM Directory Client(LDAP)
y]Yw53=(,b)z7+20Z;,D?<P#BmEvK20 Tivoli Access
Manager for Operating Systems T0b)`Xz7DELUd*s#
m 3. 20DELUd*s
=( yhUd|F5
AIX /opt Ph* 88 MB,CZ Tivoli Access
Manager for Operating Systems M Tivoli Access
Manager runtime
/usr Ph* 67 MB,CZ GSKit M LDAP
/var Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems runtime D~
HP-UX /opt Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems"GSKit M Tivoli
Access Manager runtime
/usr Ph* 20MB,CZ LDAP
/var Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems runtime D~
Solaris /opt Ph* 85 MB,CZ Tivoli Access
Manager for Operating Systems M Tivoli Access
Manager runtime
/var Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems runtime D~
© Copyright IBM Corp. 2000, 2003 5
m 3. 20DELUd*s (x)
=( yhUd|F5
Linux for x86 /opt Ph* 60MB,CZ Tivoli Access
Manager for Operating Systems M Tivoli Access
Manager runtime
/usr Ph* 57 MB,CZ GSKit M LDAP
/var Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems runtime D~
Linux for zSeries /opt Ph* 60MB,CZ Tivoli Access
Manager for Operating Systems M Tivoli Access
Manager runtime
/usr Ph* 57 MB,CZ GSKit M LDAP
/var Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems runtime D~
Linux for pSeries and iSeries /opt Ph* 60MB,CZ Tivoli Access
Manager for Operating Systems M Tivoli Access
Manager runtime
/usr Ph* 57 MB,CZ GSKit M LDAP
/var Ph* 100MB,CZ Tivoli Access
Manager for Operating Systems runtime D~
":KP1}LP,Tivoli Access Manager for Operating Systems +Z(_T}]b1
>"IEFcbTs){}]b"sFU>MmsU>f"=?< /var/pdos B#
k<G+ /var/pdos"/var/pdos/audit M /var/pdos/log w*@"DD~534
4(#(i\s!AY* 100 MB#yhDUdI\f1dxvS#|w*!vZ
(eD_TMdCDsF6p#
'VDYw536pMyhD9!Lr
Tivoli Access Manager for Operating Systems Zm 4 PPvDYw53=(O\'V#
mb,XkZ20 Tivoli Access Manager for Operating Systems .020TBYw5
39!Lr#k*5zDYw53)<q!XhD9!Lr#
m 4. 'VDYw536pMyhD9!Lr
Yw53Mf> yhD9!Lr
IBM AIX 4.3.3(32 ;ZK) AIX 4330-1 ,$|r|_6p,xPTB
9!Lr:
v 4.3.3.51 r|_6pD bos.rte.libpthreads 9!
Lr
v xlC.rte(6.0.0.0 C Set ++Runtime)
v xlC.aix43.rte(6.0.0.3 C Set ++Runtime)
IBM AIX 5.1(5L)(32 ;M 64 ;ZK) AIX 5100–04 ,$|
r|_6p,xPTB9!Lr:
v xlC.rte(6.0.0.0 C Set ++Runtime)
v xlC.aix50.rte(6.0.0.3 C Set ++Runtime)
6 IBM Tivoli Access Manager for Operating Systems: "P5w
m 4. 'VDYw536pMyhD9!Lr (x)
Yw53Mf> yhD9!Lr
IBM AIX 5.2
(32 ;M 64 ;ZK)
AIX 5200–01 ,$|
r|_6p,xPTB9!Lr:
v xlC.rte(6.0.0.0 C Set ++Runtime)
v xlC.aix50.rte(6.0.0.3 r_|_6D C Set
++Runtime)
v bos.rte.libc 5.2.0.12
HP-UX 11.0(32 ;M 64 ;ZK) v X S W G R 1 1 0 0 , $ 9 ! D 6 p X k G
B.11.00.47 r_|_6p
v PHKL_25475 r_dfzLr
HP-UX 11i(32 ;M 64 ;ZK) v Xk20 PHCO_24400 ,$9!r_dfz
Lr
v Xk20 PHCO_24402 ,$9!r_dfz
Lr
v PHNE_25084 r_dfzLr
Sun Solaris Operating Environment 2.7
(32 ;53)
9!Lr:
v 106980–13
v 106950–18
v 106327–13
Sun Solaris Operating Environment 2.7
(64 ;53)
9!Lr:
v 106980–13
v 106950–18
v 106327–13
v 106300–14
Sun Solaris Operating Environment 2.8
(32 ;53)
9!Lr
v 109147–15
v 108434–05
v SUNWuiu8
v SUNWjiu8
Sun Solaris Operating Environment 2.8
(64 ;53)
9!Lr
v 109147–15
v 108434–05
v 108435–06
v SUNWuiu8
v SUNWjiu8
Sun Solaris Operating Environment 2.9
(32 ;53)
VZ;P(ED9!Lr#
Sun Solaris Operating Environment 2.9
(64 ;53)
VZ;P(ED9!Lr#
SuSE Linux Desktop (SLD) 1.0 (IA32) 'VDZK6p:
v k_deflt-2.4.19-306*
v k_smp-2.4.19-306*
Z 2 B 20M}65w 7
m 4. 'VDYw536pMyhD9!Lr (x)
Yw53Mf> yhD9!Lr
United Linux 1.0 (IA32) 'VDZK6p:
v k_deflt-2.4.19-120*
v k_smp-2.4.19-113*
SP2a |B:
v k_deflt-2.4.19-304
v k_smp-2.4.19-304
9h*TB SP2 |B:libstdc++-3.2.2-5.i586.rpm
United Linux 1.0 for zSeries
(31 ;M 64 ;ZK)
'VDZK6p:
v 31 ;:k_deflt-2.4.19-32*
v 64 ;:k_deflt-2.4.19-34*
SP2 |B:
v k_deflt-2.4.19-79
v k_deflt-2.4.19-80
United Linux 1.0 for pSeries and iSeries
(64 ;ZK)
'VDZK6p:
v kernel-iseries64-2.4.19-104*
v kernel-ppc64-2.4.19-108*
SP1 |B:
v kernel-iseries64-2.4.19-194
v kernel-ppc64-2.4.19-186
":
1. TZ Linux Yw53,Tivoli Access Manager for Operating Systems v'VPvD
ZK|#xGE(*)DZKm~|G1!ivBZ Linux 20}LP20DZK#
d|8(D Linux m~|GISw)&L&q!D|B|#PvD6pGSCZQ
20ZKD rmp(4 rpm -q k_deflt)5XD5#
2. T United Linux 1.0 D'V|(TTBV<fM"PfD'V:SuSE Linux Enterprise
Server (SLES)8"TurboLinux Enterprise Server (TLES)8 M Conectiva Linux Enterprise
Edition#
3. Z0P Solaris 8 D SPARCstation-5 2~O;'V Tivoli Access Manager V5.1 M
Tivoli Access Manager for Operating Systems V5.1#ZC2~M Solaris6pDiO
OKP Tivoli Access Manager I4PD~1av=Jb#I4PD~(}g
pdversion)DJOgB:
#pdversionld.so.1:/opt/PolicyDirector/sbin/ivprintmsg:B|:/usr/lib/libCstd.so.1:msD ELF j>5:256
44 Solaris 8 53D~ /usr/lib/libCstd.so.1 kK2~=(;f]#
205w
20 Tivoli Access Manager for Operating Systems .0,kXBi4TB5w,T7
(|GGqkzD2073PX#
8 IBM Tivoli Access Manager for Operating Systems: "P5w
Tivoli Enterprise Console M Tivoli Risk Manager 'V
Tivoli Management Framework V4.1,(Eh*9!Lr 13"14 M 15:
v 4.1-TMF-0013
v 4.1-TMF-0014
v 4.1-TMF-0015
Z Solaris 2.7"2.8 M 2.9 =(O'V Tivoli Enterprise Console h* 3.8-TEC-FP01 ^
)|#
Tivoli Risk Manager 4.2 /I'V
k Tivoli Risk Manager V4.2 /Ih*nbD=h#b)nb=hk6IBM Tivoli Access
Manager for Operating Systems \m8O7Z.BPD:k IBM Tivoli Enterprise Data
Warehouse/I;;ZPyhvD=hj+`,#XZb)=hDj8hv,kN<
6IBM Tivoli Access Manager for Operating Systems \m8O7#4Ub)=h2IT
k Tivoli Risk Manager V4.2 /I#
ISMP/zSeries:20K Java <B ISMP 20Rp
Z20K Java D zSerizes 53O9C InstallShield Multiplatform 20Lr1,I\a
Z20}LY|ax14=20Rp#g{ install_amos_zSeries LrRp"Z;N
1dZvV0IBM Tivoli Access Manager for Operating Systems 20#kH}#1f
e,r;\!{"Kv20Lr#
":ZbVivB,LrD20MdCQ3{jI#(;DJbMG4206XL
r#g{Tsh*6X,;\9CYw53D>z6X5CLr#
ISMP:Z6X'\s,D~ uninstall.jar {'
20I&s,InstallShield Multiplatform 5CLraZ?< /var/pdos_ismp/_uninst P
4(;v6XLr#
*6Xz7,I9CTB|n:
java -cp /var/pdos_ismp/_uninst/uninstall.jar
496X'\,InstallShield Multiplatform 5CLr2+}% uninstall.jar D~,r
K M ^ ( Y " T x P 6 X K # 1 0 D d ( = ( G I C ' 8 ] b v
/var/pdos_ismp/_uninst ?<#
ISMP/AIX:v/u/f
1 Tivoli Access Manager for Operating Systems D InstallShield Multiplatform 20L
rZ3) X Windows 53OKP1,avVBP{":
/f:{F:HorScrollBar`:XmScrollBar8(Dv/u5Hv/uns5u%v/u,i_g9*s#
K/fGI Motif PDLrms}pD,h*20CYw53D;v9!Lr#XZ|
`j8E",kND http://support.installshield.com/kb/view.asp?articleid=Q106480#
Z 2 B 20M}65w 9
ISMP/Solaris:t/ ISMP 1vV0R;=Ve1ms
1 Tivoli Access Manager for Operating Systems D InstallShield Multiplatform 20L
rZ3) Solaris 53OKP1,avVBP{":
R;=Z font.properties P8(DVe [-urw-itczapfdingbats-medium-r-normal--*-%d-*-*-p-*-sun-fontspecific]R;=Z font.properties P8(DVe [-urw-itczapfdingbats-medium-r-normal--*-%d-*-*-p-*-sun-fontspecific]R;=Z font.properties P8(DVe [-urw-itczapfdingbats-medium-r-normal--*-%d-*-*-p-*-sun-fontspecific]R;=Z font.properties P8(DVe [-urw-itczapfdingbats-medium-r-normal--*-%d-*-*-p-*-sun-fontspecific]R;=Z font.properties P8(DVe [-urw-itczapfdingbats-medium-r-normal--*-%d-*-*-p-*-sun-fontspecific]
bG Java KP173hCDJb#Java KP1?<BP;v{* font.properties D
D~#}g,/usr/java1.3.0_01/jre/lib/font.properties#KD~+ Java Ve3d
*53Ve#g{;P203V53Ve,r+T>/f{"#bvl(GS Solaris Y
w53iJP20b)53Ve#
ISMP/Solaris:76{PfZ # <B20'\
9C ISMP Z Solaris O20P1a'\,vVgBms{":
# install_amos_solaris _L0main1PvVl# java.lang.NoClassDefFoundError:run
1 Tivoli Access Manager for Operating Systems CD 20176{PvV # 1,+v
VKJb#}g,CD (#20Z /cdrom/amos_amos P#1 CD 201D76`FZ
/cdrom/amos_amos#1 1,20+'\#d(=(Ge} /cdrom ?<,TcZ CD 2
0Z /cdrom/amos_amos P#I\h*XB}<53E\bvKJb#
ISMP/Solaris:Z Solaris O;'VI!20?<
{E4S!nZ Solaris O;\'V#InstallShield Multiplatform fe+ /opt T>*1
!?<,+;aS\dk#
ISMP/Solaris:Z Solaris 7 zwO201 ISMP '\
g{Z3( Solaris 7 zwOxP Tivoli Access Manager for Operating Systems D
InstallShield Multiplatform 20}LP,v=KxBPXwDJb:
1. T>06-1fe#z%wB;=#
2. T>0mI$-i1fe#zS\CmI$"%wB;=#
3. 20"4'\,T>;v JVM ms#
z&20BP Solaris 9!Lr"XT InstallShield Multiplatform 20:
v 108376–38
v 107656–09
v 107081–45
}65w
Z}6 Tivoli Access Manager for Operating Systems DVPf>.0,kXBi4T
B5w,T7(|GGqkzD2073PX#
10 IBM Tivoli Access Manager for Operating Systems: "P5w
Z}61,**fe8>420 GSKit+ Tivoli Access Manager for Operating Systems V4.1 }6= V5.1 1,InstallShield
Multiplatform **fe8>420 GSKit#20Lra0Rf>E,+ GSKit m~|
D?v"Pf";G4f>E4|D{FD,yTLra(f420 GSKit#}6I&
RQ20 GSKit#
bG;v(fJb#ITvTK{"#
Z 2 B 20M}65w 11
Z 3 B Q*JbMd(=(
T Tivoli Access Manager for Operating Systems xPD IBM MM'lrDc:bT
Q-9VKm`G<Z>ZPDP*#&14ib)P*"KCya)Dd(=(,
Sx\bNN:f0l#3)P*I\Z+4Dz7|BPC=^},xd|P*r
;\ Tivoli Access Manager for Operating Systems DXF#IZZ 23 3DZ 5 B, :z
J/5w;PR=k>z7DzJ/f>`XDJb#
AIX 53Zf9CJDv$
ZdCK Kerberos D AIX 53P,1>X UNIX iPfZs?C'1,pdosd X$
xLDZf9CJI\1gv$#bG AIX bos.rte.security m~|DJb#10;
Pd(=(#
AIX NIS Client M Tivoli Access Manager for Operating Systems t
/3r
Z AIX 53O,g{53* NIS M'z,rC NIS M'zXkZt/ Tivoli Access
Manager for Operating Systems .0t/#1 Tivoli Access Manager for Operating Systems
dC*Z53}<1T/t/1,bG1!5#g{ZdC Tivoli Access Manager for
Operating Systems sV$^D /etc/inittab D~,rXk7# Tivoli Access Manager
for Operating Systems u?vVZ NIS M'zu?.s#
Z HACMP for AIX 53OKPD"bBn
1KP High Availability Cluster Multiprocessing(HACMP)for AIX 1,h*7#Z
XU353"+C53*f= HACMP :/PDm;531,4PK}7DYw#b.
yTX*,Gr*Z Tivoli Access Manager for Operating Systems k LDAP ~qw
(E1*@5 IP X7#Z HACMP B~0E>P,XU Tivoli Access Manager for
Operating Systems#Z HACMP B~sE>P(|ZB53OKP),XBt/ Tivoli
Access Manager for Operating Systems#b\7# Tivoli Access Manager for Operating
Systems Z;BDxg73PKP#XZd|j8E",kiD HACMP for AIX D5#
m^G<P*Z AIX 53O;,
ZKPZ NIS 73D AIX 53O,m^G<D&mkZd|=(O(r>X,$\k
E"D AIX 53O);,#(#,1\k=ZRm^G<5hC*c1,aa>zZ
B;NG<"T1|D\k#;x,r* AIX ";9C0IekO$#i1(PAM)
xPO$,KiNZ NIS 73Pa<BG<"T;\x#ZCC'I&G<.0,Xk
*CC'hCBD\k|DUZ#
© Copyright IBM Corp. 2000, 2003 13
1 AIX OD root C'4P\k|D1,;li\k_T
Z AIX O,1 root C'*m;vC'4P\k|D1,;li Tivoli Access Manager
for Operating Systems \k_T#r*Zb)YwP,;wCkT\k_T5)D Tivoli
Access Manager for Operating Systems =(,yT;axPli#bG AIX DV^,
10;Pd(=(#
s?0kD HP-UX 53DUdms
Z s ? 0 k D H P - U X 5 3 O , z I \ 4 = p d o s d U > D ~
/var/pdos/log/msg__pdosd.log PzIKTBmsE":
2003-10-24-12:50:14.087-05:00I----- 0x35A62686 \pdosd ERROR oss db hla_db_hash.c 937 0x00000021 AOSSS1670E
S}]bq!u?1vm:|:4, = \9.48.173.145:;Pc;DUd:0xc
Cms{"8>yPICZ2m}]D536'DX7Ud<QD!#153OKP
}`DxL1,a"zbViv#ZbVivB,Tivoli Access Manager for Operating
Systems Lx}#Yw#
1 pdostecd +B~"M= Tivoli Enterprise Console V3.8 B~~qw
1,U>D~JdwKD*"= Solaris O
(}&C Tivoli Enterprise Console ^)| 3.8-TEC-FP01 IT^}KJb#
ZV"Zd;\}%U>D~Jdw
}Z|BJdwdCE*D~(PDOS-ACPROF r PDOS-RISKMGR-ACPROF)T}%
JdwG<,;sTb)E*D~xPV"1,^(SKc}% Tivoli Enterprise Console
UNIX U>D~Jdw#
*ZKivB}%U>D~Jdw,k4PTBYw:
1. #9U>D~Jdw#IS Tivoli @f9C Stop TEC Adapter Nq4jICY
w#
2. }%`&JdwdCE*D~PDJdwG<#
3. V"|BDJdwdCE*D~#
KP Solaris 8 D SPARCstation-5 ODKP1Jb
Z0P Solaris 8 D SPARCstation-5 OKP Tivoli Access Manager V5.1 M Tivoli Access
Manager for Operating Systems V5.1 I4PD~1v=Jb#Tivoli Access Manager I
4PD~(}g pdversion)'\,gBy>:
#pdversionld.so.1:/opt/PolicyDirector/sbin/ivprintmsg:B|:/usr/lib/libCstd.so.1:msD EFF j>5:256
44 Solaris 8 53D~ /use/lib/libCstd.so.1 kK2~;f]#
IZKJb,Z0P Solaris 8 D SPARCstation-5 O;'V Tivoli Access Manager V5.1
M Tivoli Access Manager for Operating Systems V5.1#
14 IBM Tivoli Access Manager for Operating Systems: "P5w
U>7IwOgSJ~(@DmsX7;wCms{"
g{,9CU>7Iw(pdoslrd)DgSJ~(@1,Z /opt/pdos/etc/pdoslrd.xml
D~Pms8(gSJ~;6X7,rU>7IwX$xL;\7(gSJ~4\"
M=CX7#U>7IwX$xL+I&t/,""T+gSJ~"M=CX7,+
;alb=ms#*K7#}7Yw,z;&C\@5ZU>7Iw4i$X7,x
&CxPbTTi$\;}7"MMSUgSJ~#
g{J~~qw1zr_;\,S,B~I\a*'
Zt/s,g{U>7IwX$xL;\("kJ~~qwD,S,G4"M=8(
gSJ~X7DB~+*'#(i;*r* LRD_EmailOutput (@,Mr*m;v
LRD_FileOutput (@#9(i*b=v(@8(,;i}Kw#4Pb)Yws,r;
J~~qw1z,9IT#fB~#
Nq;+ Tivoli Access Manager \m1\kS\
1Z UNIX ~qwDT>APdk Tivoli Access Manager \m1\k1,Z Tivoli
Access Manager for Operating Systems \mNqi~Pa)DBPNq;aANC\k#
Z Tivoli Framework 73Pb)NqGI)!CDNq#b)NqG:
v Configure PDOS Server
v Import UNIX Users and Groups
v Migrate TACF to PDOS
v Add/Remove PDOS Auditors/Administrators
v Configure PDOS Server
v Import UNIX Users and Groups
v Migrate TACF to PDOS
v Query Branch Membership
v Show PDOS Auditors/Administrators
\kfs+4-S\(}xg"M=D?jzw,bI\<B\k;9X"#02+
T#
Z%w0ZXU4%s,;\Z Windows =(OX!w5
Z Windows =(OKPD Tivoli @f53P,g{%w0ZROGD X rT!{X
( AMOS NqPw5D4P,bj+d*3),K1z^(!qr4PQ!{NqD
<j#d(=(G%wNqb0ZPDi4→"B#
Z osseal-admin P^ root DivB4P PDOS Nq
g{+ root S osseal-admin iP}%,Xk^D PDOS Nq,9CNqZQmS
= osseal-admin iDC'j6BKP#r* Tivoli Management Agent(TAM)Nq
4PDa9,9&4P8vd|Yw#ZKcOTNqDy>4PgB#Z>>}P
9CK Solaris,+b)=hJCZyP=(#
1. C'Z;NZ Solaris KcOKPNq#
Z 3 B Q*JbMd(=( 15
2. CZKcD|, run_task() =(DI4PD~{* task_endpoint#TMA *@CD
~ & 1 ; Z
$LCFROOT/dat/1/cache/bin/solaris2/TAS/TASK_LIBRARY/task_endpoint#
3. TMA lid_Y:fw}47(CD~GqfZ#
4. r*bG;N+BDKc20,CD~;fZ#
5. TMA ky,S=DxX*g,"SCxXD lcf_bundle ?<BX task_endpoint#
;s|9CXZ task_endpoint D(;E"|Bd_Y:fw}#CE"y>OG
;v9CD~UZDXw{#
6. TMA zI $LCFROOT/dat/1/cache/bin/solaris2/TAS/TASK_LIBRARY/task_endpoint
w*4PksNqD root C'#
7. ZzI5JNq.0,task_endpoint XkP;=Nq&1ZdBKPDC'j6#
g{8(Kij6,2Xk|D=Kj6#
8. C'YNZ,;vKcOKPNq#
9. TMA lid_Y:fw},iR task_endpoint,;sksxX+Xw{kxX
lcf_bundle ?<PD task_endpoint HO#g{|G%d,rLx4PNq#g{
|G;%d,b6ExX lcf_bundle ?<PD task_endpoint H_Y:fPDZ
](4T9!Lr)*B,r TMA +BXBD task_endpoint "Lx4PNq#
=h 7 M=h 9 I\}p Tivoli Access Manager for Operating Systems 73PDJ
b#TZ=h 7,Xk5VJ1D_T49 task_endpoint \;P;=4Pj6#bIT
(}9C
/OSSEAL/branch/TCB/Impersonator-Programs/LCFROOT/dat/1/cache/bin/cache/bin/solaris2/TAS/TASK_LIBRARY/task_endpoint
+ task_endpoint "a*;v#BLr4o=#
g{g=h 9 yvQBXBD task_endpoint,rC task_endpoint +dC;IE#
IT9C pdosobjsig |n4XBEN task_endpoint#
1|D PDOS NqZdBKPDC'j6"R5V_TJCZzD731,k<G=K
E"#
dCZdxPD_T|BI\<Bms
g{ZdC}LZd"z_T|B,r pdoscfg |nI\a'\#g{Z Tivoli Access
Manager rPBPNNn/k3B Tivoli Access Manager for Operating Systems 53
DdC,1xP,rI\vVKiv#b)n/4<BdC'\DI\TD]uNr
Pv:
v ZdC Tivoli Access Manager for Operating Systems 5314P_T\m
v Z$)KB_TV'DZ;v53OdC Tivoli Access Manager for Operating Systems
v Z8(K pdosucfg |nD -remove_per_policy on !nD53O!{ Tivoli
Access Manager for Operating Systems DdC#
v + Tivoli Access Manager for Operating Systems dC*$)3VP_TV'DZ~
vr|sfDzw
v Z53O!{ Tivoli Access Manager for Operating Systems DdC
16 IBM Tivoli Access Manager for Operating Systems: "P5w
g{r*""xP_T|Bx9C Tivoli Access Manager for Operating Systems dC
}L'\,rZk pdoscfg |nX*DmsU> /var/pdos/log/msg__pdoscfg.log P
+G<;vms#*|}CJb,rZe;YwjIsYN"v pdoscfg |n#
;sF AIX 53O'\D\k|D
Z AIX 53Or53^Fx<BD'\D\k|D"T(}g4\kI\k%d),
Tivoli Access Manager for Operating Systems +;TdxPsF#
Z Linux 53OI9C mv |nT\X|{mI(#$DD~xPX|{
Z Linux O9C mv |nIT Rename(X|{)ACL \#$DD~xPX|{#b
GIZ Linux OD mv |nGZ9CX|{53wC.sE+D~4F=?DX?<
x}pD#9C rename |na<BCYw4$Z;\x#
Z9C NFS V2 D Solaris 53O;5)_T
TZ$tZ Solaris 53O9C NFS V2 20DmODD~M?<,Tivoli Access
Manager for Operating Systems _T+;;5)#9C NFS V3 20Dm+4$Z\
#$#*Z Solaris 53O#$DD~M?<&v9C NFS V3 20#
0P rexec/remsh D HP-UX OD Tivoli Access Manager forOperating Systems G<n/_T
Tivoli Access Manager for Operating Systems DG<n/_T;\&mgZ HP-UX
11.11(11i)D HP-UX 11.00 6pOD HP-UX G<Lr rexecd M remshd#bG
HP-UX 11.00 =(DV^,r*b)Lr;\tC PAM#d|G<_T(gUK"?
U1dMYU)T+&C#g{h*5)CG<n/_T,r&1{CZ HP-UX 11.00
zwO9C rexecd r remshd G<#
Z HP-UX R11.11(11i)Pb)LrQtC PAM,g0rexecd,remshd-used PAM for
a u t h e n t i c a t i o n 1 D 5 P y v , C D 5 ; Z
http://devresource.hp.com/STK/impactlist.html PDjb0HP-UX 11i non-critical
enhancement impacts1B#
Z AIX 53O20/dC.sT CDE A;xxPbxDJb
g{Z AIX 53O9CQ;A;x(Dn/D CDE 73420"dCMt/ Tivoli
Access Manager for Operating Systems,rT CDE A;xxPbxD"TI\'\#
bGr*TBB5:Z AIX 53O,1 AIX O$e~dCD~Z CDE xLKPD
,1;|B1,k CDE `XDxL;aj+XB@@b)dCD~#5C"bD
G:/usr/lib/security/methods.cfg D~;P;XB&m#a{,G<(rA;bx)
&m;PI&jI#FuQ+KP*}kK AIX V5 MnBD AIX V4.3.3 D,$6p
P#
P=V==TKP*4Pd(=(:
v dC Tivoli Access Manager for Operating Systems .sXB}<zw#
r
Z 3 B Q*JbMd(=( 17
v #9(kill -9)yPk CDE `XDxL0 X ~qw#;sC /etc/rc.dt start X
Bt/ CDE#BfGS6LG<0Zt/C}LD;v>}:
#ps -ef|grep dtroot 3922 7228 0 08:49:30 - 0:00 /usr/dt/bin/dtloginroot 4206 3922 0 08:49:31 - 0:00 /usr/lpp/X11/bin/X -D /usr/lib/X11//rgb
-T -force :0 -auth /var/dt/A:0-SUdRiaroot 18736 22978 0 09:13:23 - 0:00 dtgreetroot 19900 7746 2 09:13:39 pts/0 0:00 grep dtroot 22978 3922 0 09:13:23 - 0:00 dtlogin <:0>#ps ef|grep Xroot 4206 3922 0 08:49:31 - 0:00 /usr/lpp/X11/X -D /usr/lib/X11//rgb
-T -force :0 -auth /var/dt/A:0-SUdRiaroot 16264 1 0 08:04:08 - 0:00 /usr/bin/AIXPowerMgtDaemonroot 23040 7746 0 09:13:43 pts/0 0:00 grep X
#kill -9 3922 4206 18736 22978
# /etc/rc.dt start}Zt/ AIX Windows @f...
9C $HOME/.rhosts M /etc/hosts.equiv D Tivoli Access Manager forOperating Systems G<n/_T
ZdC Tivoli Access Manager for Operating SystemsG<n/_T1,;wE9C53
D~ $HOME/.rhosts M .etc/hosts.equiv,r*b=vD~;S*G;2+D#Kd
CDP*!vZ=(#Z AIX 53O,$HOME/.rhosts M /etc/hosts.equiv an3
V Tivoli Access Manager for Operating Systems G<n/_Tj+^(5),bV_
T&CK9Cb=vD~4xPO$DLr(rlogin"rsh H)#d|G<_T(gUK"
?U1dMYU)T+5)#bG AIX =(D;vV^,r*1 Tivoli Access Manager
for Operating Systems O$(} $HOME/.rhosts M /etc/hosts.equiv 4xP1,;
PwCO$e~#
ZIekO$#i(PAM)=(4 Solaris"HP-UX M Linux O,Tivoli Access Manager
for Operating Systems +}75)G<n/_T,49}g rlogin M rsh byDLr
ZO$Zd9CK $HOME/.rhosts r /etc/hosts.equiv u?#g{IZG<n/_T
D5)9CJ']Rrx(,rsxDCJ<+;\x#
pdosexempt |nDV^
pdosexempt |nvT Tivoli Access Manager for Operating Systems y6pDxLp
wC#1 Tivoli Access Manager for Operating Systems lb=3xLt/1,MqC
KTCxLD6p\&#Z53XB}<.sWNt/ Tivoli Access Manager for
Operating Systems .0MfZDG)xL,;\(} pdosexempt |nSZ(_TP
b}#NNbVxLXkXBt/,TcZ9C pdosexempt |n+KxLS_TP
b}.0,Tivoli Access Manager for Operating Systems \6pCxL#
C4,$V'I1Di{;xVs!4
C4,$V'I1E"Di{(pdosd-branch/policy-branch);xVs!4#}
g,Y(=v Tivoli Access Manager for Operating Systems M'zT`,DV'{F
xPdC,+V'{FWV8P9CK;,DV8V{(g Test M test)#?vM'z
+5PXpDTsUd(/OSSEAL/Test and /OSSEAL/test)45)_T,+a_P`,
D LDAP i{(pdosd-branch/test)4,$V'I1Dv)N<D1>#a{,V'
18 IBM Tivoli Access Manager for Operating Systems: "P5w
I1(f+9=v_TV'PDG)zw<5X*I1#*TKJb4Pd(=(,
k7#_TV'{FZ Tivoli Access Manager for Operating Systems 73PG(;D
(vTs!4)#
CZli$iDJb7(5CLr
Z6IBM Tivoli Access Manager for Operating Systems Jb7(8O7DZDB:TK
P1xPJbJOoO;P,a)K;)E>>},9z\;li ldapcacert.b64 D
$izfZ"C SSL LDAP CA $ibT= LDAP ~qwD SSL ,S#*x;==
cC',/opt/pdos/sbin ?<Pa)DE> cert_test.sh xvK$iDE""li$
iDP'Z#*9CKE>,kdkTB|n:
/opt/pdos/sbin/cert_test.sh certificate file name [ldap server hostname]
;'VDZ(fr
Tivoli Access Manager Base V5.1 DB&\'VZ(fr2+_T#Tivoli Access
Manager for Operating Systems 10;'VbVBD2+_T`M#
Z 3 B Q*JbMd(=( 19
Z 4 B D55w
Web >cOk Tivoli Access Manager for Operating Systems D5;
pa)D Tivoli Access Manager D5
*=cp{,w*"P5w0TPDX8D5PvD Tivoli Access Manager D5,Z
Tivoli m~E"PD Web >cOa) Tivoli Access Manager for Operating Systems D
5D`,;Ca):
http://publib.boulder.ibm.com/tividd/td/tdprodlist.html
© Copyright IBM Corp. 2000, 2003 21
Z 5 B zJ/5w
b?VEvK Tivoli Access Manager for Operating Systems DzJ/f>bT}LP
v=DNNV^MJb(|G4\Zz7DnUf>P^}),T0NNQ*Dd(
=(#
;c5w
TB;c5wJCZ Tivoli Access Manager for Operating Systems D;vr`vzJ
/f>#
Setup TEC Event Server for PDOS Nqjb
Setup TEC Event Server for PDOS NqDjb<UT"oT>#
© Copyright IBM Corp. 2000, 2003 23
Z 6 B yw
>E"G*Z@za)Dz7M~qxF(D#IBM I\Zd{zRrXx;a)>D
5PV[Dz7"~qr&\XT#PXz10yZxrDz7M~qDE",kr
z1XD IBM zmI/#NNT IBM z7"Lrr~qD}C"GbZw>r5>
;\9C IBM Dz7"Lrr~q#;*;V8 IBM D*6z(,NN,H&\D
z7"Lrr~q,<ITzf IBM z7"Lrr~q#+G,@@Mi$NNG
IBM z7"Lrr~q,rIC'TP:p#
IBM +>I\Q5Pr}Zjkk>D5PyvDZ]PXDwn({#a)>D5"
4ZhC'9Cb)({DNNmI#zITCif==+mIi/Dy:
IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785 U.S.A.
PX+VZ(DBCS)E"DmIi/,kkzyZzRrXxD IBM *6z(?E*
5,rCif==+i/Dy:
IBM World Trade Asia CorporationLicensing2-31 Roppongi 3-chome, Minato-kuTokyo 106, Japan
>un;JC"zrNNbyDunk1X(I;;BDzRrXx: International
Business Machines Corporation04V41a)>vfo,;=PNNV`D(^[Gw
>D9G5,D)#$,|(+;^Z5,DPXGV("JzMJCZ3VX(C
>D#$#3)zRrXxZ3);WP;Jmb}w>r5,D#$#rK>un
I\;JCZz#
>E"PI\|,<u=f;;<7DX=r!"ms#K&DE"+(Z|D;b
)|D+`k>vfoDBf>P# IBM ITf1TvfoPhvDz7M/rLr
xPDxM/r|D,x;mP(*#
>E"PTG IBM Web >cDNN}C<;G*K=cp{Ea)D,;TNN==
d1TG) Web >cD#$#C Web >cPDJO;G IBM z7JOD;?V,
9CG) Web >cx4DgU+IzTPP##
IBM IT4|O*J1DNN==9CrV"zya)DNNE"x^kTzP#NN
pN#
>LrD;mI=g{*KbPXLrDE"To=gB?D:(i)JmZ@"4(
DLrMd{Lr(|(>Lr).dxPE";;,T0(ii)JmTQ-;;DE
"xP`%9C,kkBPX7*5:
IBM Corporation2Z4A/10111400 Burnet RoadAustin, TX 78758 U.S.A.
© Copyright IBM Corp. 2000, 2003 25
;*qXJ1Du~Mun,|(3)iNBD;(}?D6Q,<IqCb=fD
E"#
>JOPhvDmILr0dyPICDmIJOyI IBM @] IBM M'-i"IBM
zJm~mI-irNN,H-iPDuna)#
K&|,DNNT\}]<GZ\X73PbCD#rK,Zd{Yw73PqCD
}]I\aPwTD;,#P)b?I\GZ*"6D53OxPD,rK;#$k
;cIC53OxPDb?a{`,#Kb,P)b?G(}Fcx@FD,5Ja
{I\aPnl#>D5DC'&1i$dX(73DJC}]#
f0G IBM z7DE"ISb)z7D)&L"dvf5wrd{I+*qCDJO
Pq!# IBM ;PTb)z7xPbT,2^(7OdT\D+7T"f]TrNN
d{XZG IBM z7Dyw#PXG IBM z7T\DJb&1rb)z7D)&L
av#
yPXZ IBM 44=rrbrDyw<If1|DrUX,x;mP(*,|Gvv
m>K?jMb8xQ#
g{z}Tm=4q=i4>E",<,MJ+<}I\^(T>#
Lj
BPuoG International Business Machines Corporation Z@zM/rd{zRrXx
DLj:
AIX
DB2
IBM
IBM Uj
OS/390
SecureWay
Tivoli
Tivoli Uj
zSeries
Lotus G International Business Machines Corporation M Lotus Development Corporation
Z@zM/rd{zRrXxDLj#
Microsoft M Windows NT G Microsoft Corporation Z@zM/rd{zRrXxD"
aLj#
Java MyPyZ Java DLjMUjG Sun Microsystems, Inc. Z@zM/rd{zR
rXxDLj#
UNIX G The Open Group Z@zMd{zRrXxD"aLj#
d{+>"z7M~q{FI\Gd{+>DLjr~qjG#
26 IBM Tivoli Access Manager for Operating Systems: "P5w