dzdo

For Linux and UNIX computers, Verify Privilege Server Suite includes authorization services that enable users to run with elevated privileges using the dzdo command line program. The dzdo program is similar to sudo except that, instead of using a sudoers configuration file, the program uses the role-based access rights for zones stored in Active Directory.

dzdo Audit Event Log Sample

The following is a sample of an audit event log for Centrify Audit Event ID 30004. This log sample documents that the dzdo service has been granted authorization.The change was made by user=dwirth(type:ad,dwirth@acme.vms) on April 7 at 01:20:12.

Apr 7 01:20:12 engcen6 adclient[2191]: INFO AUDIT_ 
TRAIL|Centrify Suite|dzdo|1.0|0|dzdo 
granted|5|user=dwirth(type:ad,dwirth@acme.vms) 
pid=32224 utc=1460010012602 Centrify EventID=30004 
DAInst=AuditingInstallation DASessID=c72252aa-e616 
-44ff-a5f6-d3f53f09bb67 status=GRANTED 
service=dzdo command=/bin/vi runas=root role=ROLE_SYSTEM_ 
Archt/Global env=(none)

dzdo Audit Events

dzdo Audit Events

dzdo command execution ends added in release 18.11
Event Id Description Parameters
30000-Deprecated dzdo granted This event has been deprecated. Use Centrify Event Id 30004 introduced in release 2017.3 instead. command: command runas: username@domain role: role name env: environment variables
30001-Deprecated dzdo denied This event has been deprecated. Use Centrify Event Id 30005 introduced in release 2017.3 instead. If the command is valid and requires authentication, Centrify Event Id 30005 is generated in release 2017.3 (and later versions) to show whether MFA is required or not. command: command runas: username@domain reason: error message
30002 Trouble ticket entered ticket: ticket
30004 dzdo granted added in release 2017.3 command: command runas: username@domain role: role name env: environment variables MfaRequired: whether user was required to do MFA EntityName: Entity Name
30005 dzdo denied added in release 2017.3 command: command runas: username@domain reason: error message MfaRequired: whether user was required to do MFA EntityName: Entity Name
30100 dzdo command execution starts added in release 18.11 command: command runas: username@domain role: role name env: environment variables MfaRequired: whether user was required to do MFA EntityName: Entity Name
30101 dzdo command execution ends added in release 18.11

command: command

exitcode: exit code