dzsh
For Linux and UNIX computers, Verify Privilege Server Suite includes authorization services that enable users to run with elevated privileges in a restricted shell environment using the dzsh program.
dzsh Audit Event Log Sample
The following is a sample of an audit event log for Centrify Audit Event ID 33001. This log sample documents a user being denied dzsh command execution.The change was made by user=dwirth(type:ad,dwirth@acme.vms) on April 7 at 01:20:12.
Apr 28 10:26:41 sspl1-n2 adclient[1835]: INFO AUDIT_
TRAIL|Centrify Suite|dzsh|1.0|1|dzsh command execution
denied|5|user=root pid=59860 utc=1461864401103 CentrifyEventID=33001
DAInst=AuditingInstallation
DASessID=c72252aa-e616-44ff-a5f6-d3f53f09bb67
status=DENIED service=dzsh command=/usr/share/
Centrifydc/bin/dzinfo reason=sam checking returned false,
user is not allowed to use this command or runas
dzsh Audit Events
dzsh Audit Events
| Event Id | Description | Parameters |
|---|---|---|
| 33000-Deprecated | dzsh command execution granted This event has been deprecated. Use Centrify Event Id 33002 instead, which was introduced in release 2017.3. | command: command runas: username@domain role: role name env: environment variables |
| 33001-Deprecated | dzsh command execution denied This event has been deprecated. Use Centrify Event Id 33003 instead, which was introduced in release 2017.3. | command: command reason: error message |
| 33002 | dzsh command execution granted added in release 2017.3 | command: command runas: username@domain role: role name env: environment variables MfaRequired: whether user was required to do MFA EntityName: Entity Name |
| 33003 | dzsh command execution denied added in release 2017.3 | command: command reason: error message MfaRequired: whether user was required to do MFA EntityName: Entity Name |
| 34000 | dzsh role change granted | fromRole: fromRole toRole: toRole |
| 34001 | dzsh role change denied |