Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Appanvil karma designer
summary ACDI Driver Installation Learn More Content
page{"id":"EJyr1dNQxAJdJguiodbJA","name":"page","children":[{"id":"xq8go2x2nzRB53Gl6mcmu","params":{"background":"#ffffff00","padding":79,"gap":10,"image":{"value":"att4292620","target":"_blank","type":"attachment"}},"children":[{"id":"SwCvX77I8YzeID8el1Ux2","name":"row","children":[{"id":"dZPbWKV2EsN6n_Qs5Y85N","name":"column","children":[{"name":"image","params":{"templateId":"full-width","alignment":"start","position":"center center","borderRadius":{"all":0,"bbl":0,"bbr":0,"btl":0,"btr":0,"isIndividualCorners":false},"image":{"value":"att4489217","target":"_blank","type":"attachment"},"width":310,"height":104},"children":[],"id":"oOUmD6T2ENOHmDnopfiXV"},{"name":"text","params":{"templateId":"headline and paragraph","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"ACDI Driver Installation","fontFamily":"unset","color":"#ffffff","fontSize":64,"lineHeight":"70px","fontWeight":700,"letterSpacing":-1}],"align":"left"}]}]}]},"children":[],"id":"VqP8QVcJbpIcJteAnb9xb"},{"name":"button","params":{"templateId":"small button","label":"Learn More","size":"large","shape":"circular","alignment":"start","states":{"idle":{"colors":{"background":"#486AAF"}},"hover":{"colors":{"background":"#1c3c95"}}},"link":{"value":"https://skyproag.atlassian.net/wiki/spaces/Documentat/pages/1048577/1+-+Video+Tutorials#Basic-ACDI-Installation","target":"_blank","type":"link"}},"children":[],"id":"lzkdxxMC-JZk-nCMloks3"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"5gTC-wLx6Abt7H_z-FUDj","name":"column","children":[{"name":"image","params":{"templateId":"full-width","alignment":"center","position":"center center","borderRadius":{"all":0,"bbl":0,"bbr":0,"btl":0,"btr":0,"isIndividualCorners":false},"image":{"value":"att7634993","target":"_blank","type":"attachment"},"width":540,"height":430},"children":[],"id":"I9mL3DVNDAKTji5vQM2F7"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"sJ_W6Nh8Xt4FguMmSMhQR","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"YrSohHBn4-xI7LMUQezzu","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"3pjGIxBYtledL6ItUdDL8","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"m8F56VGx_TDGDmXAo3-XI","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}}],"params":{"layout":[1,1],"gap":100,"minHeight":300,"padding":10,"borderRadius":0}}],"name":"section"},{"id":"RUVuaowNL_HLPmEYpbg9s","params":{"background":"#486AAF","padding":0,"gap":10},"children":[{"id":"1uAS3HYSTaY9Q9TC88WEy","name":"row","children":[{"id":"n1Fx-LalSOlQOnZdBKt6H","name":"column","children":[{"name":"text","params":{"templateId":"headline 1","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Content","letterSpacing":0,"fontWeight":700,"color":"#ffffff","fontSize":40}],"align":"center"}]}]},"children":[],"id":"8LXdNiYEITHGNTXluKb0K"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"8w0q3FJ4QfmJHA6US7K_K","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"xK5J69EI4jk3StSVoyrtT","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jC8ASlTpW025qEWI7GztB","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"BROqJuG_oaR_6AZs6XnG2","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jaUIJ1E2CO8UzQVbBXoc3","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0}}],"name":"section"}]}

...

First of all, we'll need to copy files from the Audit Driver folder.

...

Files from the Server folder are to be copied to the machine where the IDM is installed.

...

All those files need to be copied into opt/NovelCopy the files into:
/opt/novell/eDirectory/lib/direxmldirxml/classes if it's Linux or if it's Windows, then to NetIQ\identity (Linux)
or
C:\NetIQ\Identity manager\NDS\library.

...

lib (Windows)

An example Linux command would be something like:
scp root@acdip:/opt/acdi/AuditDriver/Server/* /opt/novell/eDirectory/lib/dirxml/classes/

After those files are copied, the IDM must be restarted.

...

Files from the Designer folder must be copied to the machine where the Designer is installed.

Later we will add the these libraries you see on the screen to the Designer project.

...

Anchor
step2
step2

...

Also, we'll need a keystore file with certificate or just the certificate which is used in the Audit Server. It's located in the ACDI certs.

...

So, the The keystore we need is keystore.pfx. The required is stored installer automatically created this keystore and generated a self-signed certificate inside this keystore and . It should be copied to the machine with IDM as well.

Also, during installation, the installator automatically creates a keystore and generates a self-signed certificate.

...

The password to this keystore is default – “Change it”.

...

Now we see the previously mentioned self-signed certificate with self-signed root.

...

. Remember where it’s been copied, we will need it later when doing the driver settings. We used /opt/acdi

...

Anchor
step3
step3

Appanvil karma designer
summary Step 3 Import packages
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 3 Import packages","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

All files are copied, and we will now Now go to Designer to add the libraries copied in Step 1.

Open the project. Then right click on the Package Catalog and choose “Import package”.

...

Let’s click on “Browse” to select all our packages.

...

Click Open and then on the next window OK.

...

The packages have been imported successfully.

...

Right click on the Driver set . Then we will select “New” and “Driver”.

...

Here we click on “Import Driver Configuration”.

...

Click Browse to be able to select SKyPRO ACDI Base.

...

New -> Driver.

...

Select SKyPRO ACDI Base and click Next

...

On the Select Optional features window, click Next

...

Anchor
step5
step5

Appanvil karma designer
summary Step 5 Set and check the Driver Configuration
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 5 Set and check the Driver Configuration","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Here we can check packages and make some changes in configuration.

...

Next to the “Elasticsearch Server” you must define your server.

The URL you see right now must contain protocol, domain name, and port. If a reverse proxy isn't used, OpenSearch will be here in the URL as well.

...

Let’s set a User which has access to OpenSearch. By default, here we have “osadmin”. Let’s also set a password for this user.

...

Now we will define the path to Keystore and its password.

...

Click Next>, then confirm the installation tasks using Finish.

...

Now ACDI Driver is created.

...

Please open Now it’s time for driver configuration

...

Setting

Description

Driver Name

Just driver name nothing more :)

Audit template

Enter the full path to your template.json (legacy)

Audit License File

Full path to the file containing Audit Driver Licence key on your IDM Server.

Leave blank if you use the Audit Driver along with the Audit Proxy and native OpenSearch.

Audit Index prefix

Alias of writeble audit index. Can be found in Web UI in Administration->Data Connectors->Event Service(<your connection name>)

Please don't change it if you don't know why you are doing it.

Count of retries to fatal error

If driver loose connection to Audit Server, it will try to resend the audit message for the specified amount of times and then will be shutted down.
"0" means no limit of retries

Scroll down to see all the settings.
For Opensearch Server you must define your server. The URL must contain protocol, domain name, and port. If a reverse proxy isn't used, OpenSearch will be here in the URL as well.
For User set a user which has access to OpenSearch, default is “osadmin”. Also set a password for this user.
Lastly set the KeyStore filepath and its password (the one copied in Step 2)

Once done, the settings should look like this

...

Setting

Description

ACDI Server and Opensearch endpoint

URL of your ACDi instance jncluding protocol, domain name, port and endpoint for OpenSearch

OpenSearch document type name

Type of document which will be set in requests

User

Credentials which will be user for authentication. This user must have entitlements to wright to OpenSearch

Password

KeyStore Type

Type of keystore used to hold certificate. PKCS12 and JKS available

KeyStore filepath

Full path to KeyStore

KeyStore passphrase

Password for KeyStore

Click Next. The following window is okay on defaults so click Next again.

...

Setting

Description

Save the Event XML document?

Save whole event xml document to view/use it in ACDI dashboards/reports

Connected System

Value for the parameter "Connected System" which will be attached to event object. If you change this parameter, the dashboard called "NetIQ Audit Dashboard" will not work and should be reconfigured.

Audit SYNC events

Defines if SYNC events will be processed or not

Cut “Old/New Value” to the number of symbols

Limits length of “New Value” and “Old Value” parameters of event object.

Strip attribute "modifiersName”?

"modifiersName" is a special attribute which allows to calculate correct modifier for this event. It should be added into Filter for all classes chosen for auditing. By default its changes aren't audited.
If you need to audit changes of this attribute, please set "false"

Modifier accuracy period (seconds)

If difference between Audit Time and Event Time bigger than specified amount of seconds, calculated Modifier will be marked as "approximate" instead of "calculated"

On Confirm Installation Tasks, click Finish.

...

Now the ACDI Driver has been created.

...

Open Properties and check the Driver configuration, for instance, Startup Option.

...

Please take a look at Tab Trace. The trace level must be 5. You can should also configure or input the fields Trace files and Trace name.

...

Trace file here, we’ll need it in Step 8.

...

Anchor
step6
step6

Appanvil karma designer
summary Step 6 Deploy the Driver
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 6 Deploy the Driver","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

...

It’s time to deploy the Driver.

...

...

Image Added

See the deployment results and click OK.

...

...

Info

Please, set Driver security equivalencies equal to objects that have permission to read objects you want to monitor! In other cases, the driver will receive events only about himself!

Anchor
step7
step7

Appanvil karma designer
summary Step 7 Start the Driver
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 7 Start the Driver","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

...

After the Driver is started, please check the logs to make sure the license was implemented successfully.

...

...

In the log, you can enter search for either “adjust license” or “getLicenseFromES”.

We see that the license was applied successfully. Also, we can see the Server ID and the License validity.

...

This was the first way to implement a license in an ACDI Driver.

The second way is to copy the Server ID and then create a file with the Server ID as a file name.

...

Go to /opt/ > New > File.

...

Enter your Server ID as a file name. Click OK.

...

Here you see that the file has the copy-pasted license inside. Click Save.

...

The license can also be set manually by adding it as a file on the IDM machine, and pointing to it in the driver properties

...

Create a file on the IDM with the Server ID listed in ACDI, and set its contents to the License key.
For example on Linux, create the file, open in vi and add the contents.

...

Let’s go to ACDI Driver Properties.

...

In the field Audit License file” you need to put a path to the file where you created the license earlier.
Click Apply.

...

Then deploy configurations and restart the Driver.

...

Be aware, reading a license from OpenSearch is a more reliable way to get a current license in comparison to copying and pasting it in Driver Configurations. It will always be up to date with current license validity.

...

For example, we can change the description and see our change in NetIQ Audit Dashboard (:

...

Dashboards -> NetIQ Audit Dashboard -> Load).

...

ACDI Driver was installed and configured successfully.

Please note: If you need to audit and monitor some custom classes or custom attributes, just add them to the ACDI Driver filter.

...

So, this was it – quick and easy installation of a Driver.