Installing the Verify Privilege Server Suite Agent for *NIX
The Centrify Agent must be installed on each UNIX or Linux computer you want to manage. After you have downloaded platform-specific agents for the operating systems you want to evaluate, you should make sure the software is on the physical or virtual UNIX or Linux computer you are using for the evaluation.
To install the agent package
-
Log on to the UNIX or Linux computer with root privileges.
-
Copy the Centrify Agent for *NIX package for the local operating system to the computer and change to that directory.
-
Extract the contents of the package.
For example, if you have a Red Hat Enterprise Linux based computer, you might enter the following:
gunzip centrify-server-suite-<release>-rhel5-x86_64.tgz
-
Expand the archive file.
For example, if you have a Red Hat Enterprise Linux based computer, you might enter the following:
tar -xvf centrify-server-suites-<release>-rhel5-x86_64.tar
-
Run the install.sh script.
For example, if you are running Red Hat Enterprise Linux you would enter the following:
/bin/sh install.sh
-
Follow the prompts displayed to check whether the local computer is ready for the installation.
If there are errors, you must fix them before installing the software. Warning messages are informational, but do not prevent you from installing the software.
-
Follow the prompts displayed using the following instructions:
| Prompt | Action |
|---|---|
| Do you want to run adcheck to verify your AD environment? | Enter N to skip post-installation checks. |
| Join an Active Directory Domain? | Enter N to join later. |
| Enable auditing on this computer (audit and monitoring service NSS mode)? | Enter Y to enable auditing. |
| Do you want to continue (Y) or re-enter information? | Enter Y to install the default packages. |
| Enable Linux Desktop auditing on this computer? | Enter Y to enable Linux desktop auditing. |
If you have more than one Linux or UNIX computers included in the evaluation, repeat Step 1 through Step 7 on each computer.
-
Verify the installation by running the adinfo command at the UNIX command prompt.
adinfo
This command-line program displays information about the Linux or UNIX computer’s status in Active Directory. At this point, the output should show you that you are not joined, but Licensed Features are enabled.
Joining the Domain
You are now ready to use the adjoin command-line program to join the Linux or UNIX computer to the Active Directory domain you are using for evaluation.
The most basic syntax for the adjoin command is:
adjoin domain -z zone -u username
For more information about adjoin syntax and options, see the man page for the adjoin command.
To join an Active Directory domain from a Linux or UNIX computer
-
Log on to the UNIX or Linux computer with root privileges.
-
Run the adjoin command, specifying the domain, zone, and the account name for an Active Directory administrator with permission to join the domain.
-
Enter the password for the Active Directory account used to join the domain.
-
Verify the UNIX or Linux computer is joined to Active Directory by running the adinfo command.
adinfo
The output should look similar to the following:
Local host name: my-eval
Joined to domain: test.acme.com
Joined as: my-eval.test.acme.com
Pre-win2K name: my-eval
Current DC: dc-mine.test.acme.com
Preferred site: CA
Zone: test.acme.com/acme/zones/HQ
Last password set: 2020-08-14 11:24:32 PDT
CentrifyDC mode: connected
Licensed Features: Enabled -
Restart the Linux or UNIX computer.
Restarting the computer is not required, but is recommended to ensure that all services are restarted.
Verifying your Progress in Access Manager
You now have a Verify Privilege Server Suite-managed computer. To see the computer in Access Manager, expand Zones > Headquarters > Computers. The Linux or UNIX computer is listed under the Computers node. The computer has successfully joined an Active Directory domain and is prepared for access control and privilege management. However, no Active Directory users can log on to the computer yet.