Manualshelf

Planning and Configuring HP DCE 1.8

ManualsBrandsHP ManualsSoftwareHP-UX DCE Software
31323334353637383940
Chapter 1 31
About HP DCE/9000 Version 1.8
Notes, Cautions and Warnings Regarding This Release
Do not use the auth.adm script to activate the HP-UX Integrated login
utilities until after you have set up the accounts necessary for your site
in the DCE security service registry.
The DCE Audit Service
The DCE Audit Service was first released with HP DCE 1.4.x; the DCE
Audit Service provides auditing capabilities for DCE Security and Time
services.
By default, all audit events are disabled (not logged). As part of the
default DCE configuration start-up, the DCEAUDITFILTERON
environment variable is set. When set, the DCEAUDITFILTERON
environment variable specifies that audit event filtering must be utilized
to enable logging the desired set of audit events.
To enable auditing, the auditd server process must be started on any
system where auditing is desired. As part of the standard DCE
configuration start-up for auditd, a set of audit filters is specified for the
Security, DTS and auditd server processes. (You can modify these filters
as necessary for your site.).
You will need to do some planning to determine the degree of audit
proper for your site, and to allow for disk space overhead for your audit
logs. If you want to do some auditing, such as logging and tracking
modifications to the security registry database, audit filtering is highly
recommended. By using audit filtering, it is possible to change the types
of events being audited dynamically, without needing to restart the
servers for the changes to take effect.
Administrators should periodically monitor the size of the Security audit
logs on the Security server machines. Each audit trail log consists of two
files — the actual trail log file and the associated index file. These logs
are in:
/var/opt/dce/security/sec_audit_trail/var/opt/dce/security/sec
_audit_trail.md_index
Other older audit logs may also be present. These can be found under the
same directory, but have a date and time stamp format inserted into the
name. As an example:
sec_audit_trail.1995-08-31-15-19-52sec_audit_trail.1995-08-31-
15-19-52.md_index
For detailed information on the DCE Audit Service, see the OSF DCE