Versions Compared

Old Version 2

changes.mady.by.user Yuriy Ostrovskiy

Saved on

compared with

New Version Current

changes.mady.by.user Ivan Babich

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Appanvil karma designer
summary ACDI Driver Installation Learn More Content
page{"id":"EJyr1dNQxAJdJguiodbJA","name":"page","children":[{"id":"xq8go2x2nzRB53Gl6mcmu","params":{"background":"#ffffff00","padding":79,"gap":10,"image":{"value":"att4292620","target":"_blank","type":"attachment"}},"children":[{"id":"SwCvX77I8YzeID8el1Ux2","name":"row","children":[{"id":"dZPbWKV2EsN6n_Qs5Y85N","name":"column","children":[{"name":"image","params":{"templateId":"full-width","alignment":"start","position":"center center","borderRadius":{"all":0,"bbl":0,"bbr":0,"btl":0,"btr":0,"isIndividualCorners":false},"image":{"value":"att4489217","target":"_blank","type":"attachment"},"width":310,"height":104},"children":[],"id":"oOUmD6T2ENOHmDnopfiXV"},{"name":"text","params":{"templateId":"headline and paragraph","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"ACDI Driver Installation","fontFamily":"unset","color":"#ffffff","fontSize":64,"lineHeight":"70px","fontWeight":700,"letterSpacing":-1}],"align":"left"}]}]}]},"children":[],"id":"VqP8QVcJbpIcJteAnb9xb"},{"name":"button","params":{"templateId":"small button","label":"Learn More","size":"large","shape":"circular","alignment":"start","states":{"idle":{"colors":{"background":"#486AAF"}},"hover":{"colors":{"background":"#1c3c95"}}},"link":{"value":"https://skyproag.atlassian.net/wiki/spaces/Documentat/pages/1048577/1+-+Video+Tutorials#Basic-ACDI-Installation","target":"_blank","type":"link"}},"children":[],"id":"lzkdxxMC-JZk-nCMloks3"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"5gTC-wLx6Abt7H_z-FUDj","name":"column","children":[{"name":"image","params":{"templateId":"full-width","alignment":"center","position":"center center","borderRadius":{"all":0,"bbl":0,"bbr":0,"btl":0,"btr":0,"isIndividualCorners":false},"image":{"value":"att7634993","target":"_blank","type":"attachment"},"width":540,"height":430},"children":[],"id":"I9mL3DVNDAKTji5vQM2F7"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"sJ_W6Nh8Xt4FguMmSMhQR","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"YrSohHBn4-xI7LMUQezzu","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"3pjGIxBYtledL6ItUdDL8","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}},{"id":"m8F56VGx_TDGDmXAo3-XI","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":60,"verticalAlignment":"center"}}],"params":{"layout":[1,1],"gap":100,"minHeight":300,"padding":10,"borderRadius":0}}],"name":"section"},{"id":"RUVuaowNL_HLPmEYpbg9s","params":{"background":"#486AAF","padding":0,"gap":10},"children":[{"id":"1uAS3HYSTaY9Q9TC88WEy","name":"row","children":[{"id":"n1Fx-LalSOlQOnZdBKt6H","name":"column","children":[{"name":"text","params":{"templateId":"headline 1","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Content","letterSpacing":0,"fontWeight":700,"color":"#ffffff","fontSize":40}],"align":"center"}]}]},"children":[],"id":"8LXdNiYEITHGNTXluKb0K"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"8w0q3FJ4QfmJHA6US7K_K","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"xK5J69EI4jk3StSVoyrtT","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jC8ASlTpW025qEWI7GztB","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"BROqJuG_oaR_6AZs6XnG2","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jaUIJ1E2CO8UzQVbBXoc3","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0}}],"name":"section"}]}

...

System requirements for ACDI

...

Unzip and start the installation

...

...

...

Anchor
step1
step1

Appanvil karma designer
summary System requirements for ACDI Step 1 Copy files from the folders
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"System requirements for ACDIStep 1 Copy files from the folders","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Today we'll go through ACDI installation. On this screen you may see the system requirements for ACDI.

These requirements are:

  • Minimum 4 cores from 16 to 32GB of RAM

  • Root access

  • At least 100GB of disk space

  • Red Hat version 8, SLES 15 or Ubuntu 22. Any other Linux may be used on demand.

  • Open in port 3119 to outside. It will be required to send data from a machine with IDM to a machine with ACDI.

...

Anchorinstallationinstallationwe will install an ACDI Driver and connect it to ACDI.

...

First of all, we'll need to copy files from the Audit Driver folder

...

Files from the Server folder are to be copied to the machine where the IDM is installed.

...

Copy the files into:
/opt/novell/eDirectory/lib/dirxml/classes (Linux)
or
C:\NetIQ\Identity manager\NDS\lib (Windows)

An example Linux command would be something like:
scp root@acdip:/opt/acdi/AuditDriver/Server/* /opt/novell/eDirectory/lib/dirxml/classes/

After those files are copied, the IDM must be restarted.

Files from the Designer folder must be copied to the machine where the Designer is installed.

Later we will add these libraries to the Designer project.

...

Anchor
step2
step2

Appanvil karma designer
summary Unzip and start the installation Step 2 Keystore and a self-signed certificate
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Unzip and start the installationStep 2 Keystore and a self-signed certificate","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Now let's go to the terminal, to the machine where we'll install ACDI.

 We'll need root access, as well as the zip file with ACDI. Let's unzip it. We install into the OPT folder.

...

Okay, let's go inside. Here we’ll need to start ./install.sh.

...

AnchorextractionextractionAlso, we'll need a keystore file with certificate or just the certificate which is used in the Audit Server. It's located in the ACDI certs.

...

The keystore we need is keystore.pfx. The installer automatically created this keystore and generated a self-signed certificate inside this keystore. It should be copied to the machine with IDM. Remember where it’s been copied, we will need it later when doing the driver settings. We used /opt/acdi

...

Anchor
step3
step3

Appanvil karma designer
summary Check the hostname and extract all components Step 3 Import packages
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Check the hostname and extract all componentsStep 3 Import packages","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

So, we know that the hostname of our machine – Linux Nzdp – is resolvable and we'll use it in the ACDI installation.

...

Let's extract all components. Now the files are extracted.

...

Anchorstep1step1Now go to Designer to add the libraries copied in Step 1.

Open the project. Then right click on the Package Catalog and choose “Import package”.

...

Let’s click on “Browse” to select our packages.

...

Click Open and then on the next window OK.

...

The packages have been imported successfully.

...

Anchor
step4
step4

Appanvil karma designer
summary Step 1 Choose or create an ACDI user4 Create a Driver
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 1 Choose or create an ACDI user4 Create a Driver","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

As the next step, we need to choose whether we'll use an existing Linux user or create a new one.

By default, the Install script suggests that we create a user with the name acdi.

Press Enter to use the default name.

...

Anchorstep2step2Now let's create a Driver with the help of the following sequence of actions.

Right click on the Driver set . Then we will select New -> Driver.

...

Select SKyPRO ACDI Base and click Next

...

On the Select Optional features window, click Next

...

Anchor
step5
step5

Appanvil karma designer
summary Step 2 ACDI Server hostname5 Set and check the Driver Configuration
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 2 ACDI Server hostname5 Set and check the Driver Configuration","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Now we need to define a resolvable FQDN for the ACDI instance.

...

Appanvil karma designer
summary Step 3 Configure ACDI Local-admin service account
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 3 Configure ACDI Local-admin service account","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

In step #3 we'll need to define the name of a local account that will have administrative rights and access to all components.

Press Enter to use the default ACDI admin.

...

Now we need to set a default password for this user.

We will need this user to be able to configure a connection to ACDI in ACDI Driver in IDM.

...

Appanvil karma designer
summary Step 4 Configure Opensearch admin service account
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 4 Configure Opensearch admin service account","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

This user will have access to the OpenSearch dashboards.

...

Appanvil karma designer
summary Step 5 Configure OSD service account
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 5 Configure OSD service account","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Press Enter to use the default OSD admin.

...

it’s time for driver configuration

...

Setting

Description

Driver Name

Just driver name nothing more :)

Audit template

Enter the full path to your template.json (legacy)

Audit License File

Full path to the file containing Audit Driver Licence key on your IDM Server.

Leave blank if you use the Audit Driver along with the Audit Proxy and native OpenSearch.

Audit Index prefix

Alias of writeble audit index. Can be found in Web UI in Administration->Data Connectors->Event Service(<your connection name>)

Please don't change it if you don't know why you are doing it.

Count of retries to fatal error

If driver loose connection to Audit Server, it will try to resend the audit message for the specified amount of times and then will be shutted down.
"0" means no limit of retries

Scroll down to see all the settings.
For Opensearch Server you must define your server. The URL must contain protocol, domain name, and port. If a reverse proxy isn't used, OpenSearch will be here in the URL as well.
For User set a user which has access to OpenSearch, default is “osadmin”. Also set a password for this user.
Lastly set the KeyStore filepath and its password (the one copied in Step 2)

Once done, the settings should look like this

...

Setting

Description

ACDI Server and Opensearch endpoint

URL of your ACDi instance jncluding protocol, domain name, port and endpoint for OpenSearch

OpenSearch document type name

Type of document which will be set in requests

User

Credentials which will be user for authentication. This user must have entitlements to wright to OpenSearch

Password

KeyStore Type

Type of keystore used to hold certificate. PKCS12 and JKS available

KeyStore filepath

Full path to KeyStore

KeyStore passphrase

Password for KeyStore

Click Next. The following window is okay on defaults so click Next again.

...

Setting

Description

Save the Event XML document?

Save whole event xml document to view/use it in ACDI dashboards/reports

Connected System

Value for the parameter "Connected System" which will be attached to event object. If you change this parameter, the dashboard called "NetIQ Audit Dashboard" will not work and should be reconfigured.

Audit SYNC events

Defines if SYNC events will be processed or not

Cut “Old/New Value” to the number of symbols

Limits length of “New Value” and “Old Value” parameters of event object.

Strip attribute "modifiersName”?

"modifiersName" is a special attribute which allows to calculate correct modifier for this event. It should be added into Filter for all classes chosen for auditing. By default its changes aren't audited.
If you need to audit changes of this attribute, please set "false"

Modifier accuracy period (seconds)

If difference between Audit Time and Event Time bigger than specified amount of seconds, calculated Modifier will be marked as "approximate" instead of "calculated"

On Confirm Installation Tasks, click Finish.

...

Now the ACDI Driver has been created.

...

Open Properties and check the Driver configuration, for instance, Startup Option.

...

In Driver Parameters > Subscriber Options you will see the configurations you entered while creating the Driver.

...

Note: Sometimes you need to enter the passwords again but it is okay; sometimes this happens.

...

Please take a look at Tab Trace. The trace level must be 5. You should also configure Trace file here, we’ll need it in Step 8.

...

Anchor
step6
step6

Appanvil karma designer
summary Step 6 Configure LDAP connectionDeploy the Driver
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 6 Configure LDAP connectionDeploy the Driver","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Now we need to select what LDAP connection will be used as the default connection to eDirectory or to Active Directory.

Here we'll use eDirectory.

...

Now we need to define a resolvable FQDN of the LDAP server.

Please don't forget to set the port.

...

So, this is the account which has access and can read data from the LDAP server.

Now we need to set its password.

...

Note: If, for some reason, the connection was broken and installation was interrupted during any of the steps, we can run ./install.sh one more time and continue from the place where the installation has been interrupted.

...

Great! The connection to the LDAP server has been established. The authorization is successful.

...

}

It’s time to deploy the Driver.

...

Image Added

See the deployment results and click OK.

...

Info

Please, set Driver security equivalencies equal to objects that have permission to read objects you want to monitor! In other cases, the driver will receive events only about himself!

Anchor
step7
step7

Appanvil karma designer
summary Step 7 Configure AuditReport ServiceStart the Driver
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Step 7 Configure AuditReport ServiceStart the Driver","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

Next step will be to configure the CRON string to be able to run the Audit report service.

By default, the CRON string shows that each day at 01:05 AM, a report service takes snapshots of a directory.

Let’s press Enter to use the default settings.

...

Let’s now start the Driver.

...

Anchor
step8
step8

Appanvil karma designer
summary Steps 8 and 9 Install Autostart Scripts and start ACDI components. A self-signed certificate Step 8 Implement the License
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Steps 8 and 9 Install Autostart Scripts and start ACDI components. A self-signed certificateStep 8 Implement the License ","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

So, let's install AutoStart Scripts and start ACDI components.

...

Services will be started one by one with checks, which can take some time.

Here we can see that the installation has finished successfully. During installation, the start script creates a self-signed certificate. We can see a notification message.

...

Let's use our local admin account.

...

The ACDI installation is completed successfully.

...

":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

After the Driver is started, please check the logs to make sure the license was implemented successfully.

...

In the log, you can search for either “adjust license” or “getLicenseFromES”.

We see that the license was applied successfully. Also, we can see the Server ID and the License validity.

...

The license can also be set manually by adding it as a file on the IDM machine, and pointing to it in the driver properties

...

Create a file on the IDM with the Server ID listed in ACDI, and set its contents to the License key.
For example on Linux, create the file, open in vi and add the contents.

...

Let’s go to ACDI Driver Properties.

...

And then to Driver Configuration > Driver Parameters > Subscriber Options.

In the field Audit License file” you need to put a path to the file where you created the license earlier.
Click Apply.

...

Then deploy configurations and restart the Driver.

...

Be aware, reading a license from OpenSearch is a more reliable way to get a current license in comparison to copying and pasting it in Driver Configurations. It will always be up to date with current license validity.

Anchor
step9
step9

Appanvil karma designer
summary Adding a License Step 9 Quick check-up on NetIQ Audit Dashboard
page{"name":"page","children":[{"id":"kgu7ez0ZR4iGYuNl5RPMP","params":{"background":{"light":"#486AAF","dark":"#1d2125"},"padding":0,"gap":10},"children":[{"id":"lc_gxkmUyn4VZdOKO1bxq","name":"row","children":[{"id":"B8S3dZ9H1rs8106ym0lWp","name":"column","children":[{"name":"text","params":{"templateId":"headline 2","value":[{"type":"paragraph","children":[{"type":"paragraph","children":[{"text":"Adding a LicenseStep 9 Quick check-up on NetIQ Audit Dashboard","letterSpacing":0,"fontWeight":700,"fontSize":42,"color":{"light":"#ffffff"}}],"align":"center"}]}]},"children":[],"id":"e6Uv6MfBEeYC3o03y_99H"}],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"rG8QUHBlr3ITcpd_zVPkX","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"jNpVaMfv0lOf3jbCIdWs1","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"IA7LwcH2bIreABYiAe-xd","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"R8kdidyMrcBk8WPcmjil4","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}},{"id":"NdLrdb7AIqvs55vEOQu4I","name":"column","children":[],"params":{"borderRadius":{"all":0,"btl":0,"bbl":0,"btr":0,"bbr":0,"isIndividualCorners":false},"padding":0,"gap":20,"verticalAlignment":"center"}}],"params":{"layout":[1],"gap":10,"minHeight":70,"padding":10,"borderRadius":0,"size":"full"}}],"name":"section"}],"id":"2O4cLz7m7_KBCA9jRZglT"}

The next step to be able to start using ACDI is to create a license with the help of the server ID. It can be found in Administration > Audit Server. Just copy and send the server ID to SKyPRO support so that we can create a license for you.

...

When you have a license, copy and paste it in the appropriate field.

Click “Save”

...

Then please restart the core engine: Tab Core Engine > Restart.

...

Now let’s refresh the page. On the Home page at the bottom, you will see information about the license: the company name for which the license was issued and its validity.

...

This was the basic ACDI installation.

 Note: later, if you need to change the certificate, you'll need to go to /opt/acdi4.0.3/certs and replace the certificate in keystore.pfx. Restart the Audit Proxy and Audit Server Services.

...

Should you have any questions or difficulties, please contact us at any time swsupport.skypro@skypro.chAfter the Driver is started, let's do a quick check up in NetIQ Audit Dashboard.

...

For example, we can change the description and see our change in NetIQ Audit Dashboard:

...

Dashboards -> NetIQ Audit Dashboard -> Load

...

ACDI Driver was installed and configured successfully.

Please note: If you need to audit and monitor some custom classes or custom attributes, just add them to the ACDI Driver filter.

...

So, this was it – quick and easy installation of a Driver.