1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE...
  6. Installation manual

Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009 Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
AUTHORIZED DOCUMENTATION
Installation Guide
Novell
®
Sentinel
Rapid Deployment
TM
6.1
December 2009
www.novell.com
Sentinel 6.1 Rapid Deployment Installation Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009

Summary of Contents for Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009

  • Page 1 AUTHORIZED DOCUMENTATION Installation Guide Novell ® Sentinel Rapid Deployment December 2009 www.novell.com Sentinel 6.1 Rapid Deployment Installation Guide...
  • Page 2 Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
  • Page 3 Novell Trademarks For Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/ trademarks/tmlist.html). Third-Party Materials All third-party trademarks are the property of their respective owners.
  • Page 4 Sentinel 6.1 Rapid Deployment Installation Guide...

  • Page 5: Table Of Contents

    Contents About This Guide 1 Introduction Sentinel Rapid Deployment Overview ......... . . 11 Sentinel Rapid Deployment User Interfaces .
  • Page 6 Installing the Client Applications ..........34 4.6.1 Accessing Novell Sentinel 6.1 Rapid Deployment Web Interface ....34 4.6.2 Installing the Sentinel Client Applications .
  • Page 7 8 Uninstalling Sentinel 6.1 Rapid Deployment Uninstalling the Sentinel 6.1 Rapid Deployment Server......73 Uninstalling the Remote Collector Manager and Sentinel Client Applications .
  • Page 8 Sentinel 6.1 Rapid Deployment Installation Guide...

  • Page 9: About This Guide

    ® Sentinel Rapid Deployment is a simplified version of Novell Sentinel that leverages open source PostgreSQL*, activeMQ*, and JasperReports* components. The following sections help you understand and install the major components of the Sentinel Rapid Deployment system.
  • Page 10 In this documentation, a greater-than symbol (>) is used to separate actions within a step and items within a cross-reference path. A trademark symbol (®, ™, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. When a single path name can be written with a backslash for some platforms or a forward slash for other platforms, the path name is presented with forward slashes to reflect the Linux* convention.

  • Page 11: Introduction

    ® The following sections describe the installation and configuration of Novell Sentinel 6.1 Rapid Deployment. The Sentinel 6.1 Rapid Deployment User Guide...

  • Page 12: Sentinel Rapid Deployment User Interfaces

     Built-in incident management and remediation The ability to demonstrate and monitor compliance with internal policies and government  regulations such as Sarbanes-Oxley, HIPAA, GLBA, FISMA, and others. The content required to implement these controls is distributed and implemented through Solution Packs The following is an illustration of the conceptual architecture of Sentinel 6.1 Rapid Deployment, which shows the components involved in performing security and compliance management.

  • Page 13: Sentinel Rapid Deployment Web Interface

    1.2.1 Sentinel Rapid Deployment Web Interface With the Novell Sentinel Rapid Deployment Web interface, you can manage and search Reports and launch the Sentinel Control Center, the Sentinel Data Manager, and the Solution Designer. You can also download the Collector Manager installer and the Client installer from the Application tab of the Sentinel 6.1 Rapid Deployment Web interface.

  • Page 14: Sentinel Plug-In Sdk

    Guide. 1.2.5 Sentinel Plug-in SDK The Sentinel Plug-in SDK includes libraries and code developed by the Novell Engineering, as well as the template and sample code which you can use to begin developing your own projects. For more information, see Sentinel SDK (http://developer.novell.com/wiki/...

  • Page 15: Message Bus

    1.3.2 Message Bus Sentinel 6.1 Rapid Deployment uses the open source message broker named Apache*Active MQ. The message bus is capable of moving thousands of message packets in a second between the components of Sentinel. Its architecture is built around the Java Message Oriented Middleware (JMOM) that supports asynchronous calls between the client and server applications.

  • Page 16: Web Server

    Additional plugins (and updates) are available for download at Sentinel Content Page (http://support.novell.com/products/sentinel/sentinel61rd.html). Some plugins, such as the Remedy* Integrator, the IBM* Mainframe Connector, and the Connector for SAP* XAL, require an additional license for download. Section 1.4.1, “Collectors,” on page 16 ...

  • Page 17: Connectors And Integrators

    Integrators enable remediation actions on systems outside of Sentinel. For example, a correlation action can use the SOAP Integrator to initiate a Novell Identity Manager™ workflow. The optional Remedy AR Integrator provides the ability to create a Remedy ticket from Sentinel events or incidents.
  • Page 18  Japanese Dutch  Polish   Portuguese Simplified Chinese  Spanish   Traditional Chinese Sentinel 6.1 Rapid Deployment Installation Guide...

  • Page 19: What's New In Sentinel 6.1 Rapid Deployment

     Use JasperReports in Solution Packs. 2.2 Comparing Sentinel 6.1 and Sentinel 6.1 Rapid Deployment Features and Capabilities This section compares the features and capabilities of Novell Sentinel 6.1 Rapid Deployment to Novell Sentinel 6.1. Feature Comparison Table 2-1 Features or Capabilities Sentinel 6.1 Rapid Deployment...
  • Page 20 Features or Capabilities Sentinel 6.1 Rapid Deployment Sentinel 6.1 Database The major difference between Sentinel Customer-provided MS SQL or 6.1 Rapid Deployment and previous Oracle* database. versions of Sentinel is the introduction of an embedded Sentinel database, based on the open source PostgreSQL database engine.
  • Page 21 Features or Capabilities Sentinel 6.1 Rapid Deployment Sentinel 6.1 Reporting Reports can be generated, scheduled, Reports can be viewed in the published, and viewed in a browser- Sentinel Control Center. based Web interface. Reports can be scheduled in the New or updated reports can be Crystal server interface.
  • Page 22 Sentinel 6.1 Rapid Deployment Installation Guide...

  • Page 23: Sentinel 6.1 Rapid Deployment System Requirements

    For best performance and reliability, you must install the Sentinel components on approved software and hardware, as listed below, that have been fully quality assured and certified. For the most up-to- date information on the minimum requirements, look for updates at the Novell Documentation site (http://www.novell.com/documentation/sentinel61). ...

  • Page 24: Supported Web Browsers

    Limited Support Limited Certified Limited Support Support NOTE: A demo-only package of Novell® Sentinel™ Rapid Deployment is designed for limited-scale demonstration and testing environments by using 32-bit hardware and operating systems. Customers or partners with a contract for Sentinel Rapid...
  • Page 25 The hardware recommendations for a Sentinel implementation can vary based on the individual implementation, so it is recommended that Novell Consulting Services or any of Novell Sentinel partners be consulted prior to finalizing the Sentinel architecture. The recommendations below can be used as a guideline.

  • Page 26: Virtualization

    Hard Disk 3.4 Virtualization Sentinel 6.1 Rapid Deployment has been extensively tested on VMWare ESX Server, and Novell fully supports Sentinel 6.1 Rapid Deployment in this environment. Performance results in a virtual environment can be comparable to the results achieved in tests on a physical machine, but the virtual environment should provide the same memory, CPU, disk space, and I/O as the physical machine recommendations.

  • Page 27: Installing Sentinel 6.1 Rapid Deployment

    Installing Sentinel 6.1 Rapid Deployment The Sentinel installation package provides you with a simplified single machine server installer to install everything you need to run Sentinel. This section helps you install the major components of the Sentinel 6.1 Rapid Deployment system. Section 4.1, “Installer Overview,”...

  • Page 28: Server Components

    4.1.1 Server Components Sentinel Server Components and Applications Table 4-1 Component Description Database The Sentinel database stores configuration and event data. Message Bus A JMS-based message bus handles communication between components of the Sentinel system. Correlation Engine The correlation engine performs real-time event analysis. Advisor Advisor provides real-time correlation between detected IDS attacks and vulnerability scan output in order to immediately...

  • Page 29: Sentinel 6.1 Rapid Deployment Configuration

    Component Description Sentinel Collector Manager Service that handles connections to event sources, data parsing, mapping, and so on. A Collector Manager is installed on the Sentinel server, but additional Collector Managers can be installed on remote Windows or Linux* machines by using a downloadable installer.

  • Page 30: Prerequisites

    IMPORTANT: Sentinel installations using the full installer should always take place on a clean system. If Sentinel was previously installed on any of the machines, you must first uninstall it. For information on uninstalling previous versions of Sentinel, see the relevant Installation guides on the Novell Documentation Website (http://www.novell.com/documentation/). 4.4.1 Server ...

  • Page 31: Advisor

    4.4.3 Advisor If you want to install Advisor, you must purchase the optional Sentinel Exploit Detection and Advisor Data Subscription. After you have purchased the subscription, use your Novell eLogin to download and update the Advisor data. 4.5 Installing the Sentinel 6.1 Rapid Deployment Server The Sentinel 6.1 Rapid Deployment Server can be installed in the following ways:...
  • Page 32 Enter 2 if you have not purchased the account.  14 (Conditional) If you have purchased subscription for the Advisor account, specify the username and password for your Advisor account, which is the username and password for your Novell elogin account. After installation, you can: Launch the Sentinel 6.1 Rapid Deployment Web interface by using the URL:...

  • Page 33: Non-Root Installation

    5 Set the directory to be owned by the user and group. For example: novell novell chown -R novell:novell /opt/novell 6 Log in as the user. novell su - novell 7 Extract the installer tar file to installation directory you have created. For example: cd /opt/novell tar xfz sentinel6_rd_x86-64.tar.gz...

  • Page 34: Installing The Client Applications

    4.6 Installing the Client Applications Use the Novell Sentinel 6.1 Rapid Deployment Web interface to download the Collector Manager installer and the Client installer. Section 4.6.1, “Accessing Novell Sentinel 6.1 Rapid Deployment Web Interface,” on page 34 ...

  • Page 35: Installing The Sentinel Client Applications

    This is the same language as the language code of the Sentinel server and your local computer. Ensure that your browser's languages setting is configured to support the desired language. 5 Click Sign in. 6 Select Applications. You can download the following: Options Description Action...
  • Page 36 Platform Action  Linux GUI mode: <Install_Directory>/disk1/setup.sh  Console mode: <Install_Directory>/disk1/ setup.sh –console 4 Click the down-arrow and select one of the languages. 5 In the Welcome screen, click Next. 6 Read and accept the End User License Agreement. Click Next. 7 Accept the default install directory or click Browse to specify your installation location.

  • Page 37: Installing The Sentinel Collector Manager

    Communication Server host name: The machine IP or hostname where the Sentinel 6.1  Rapid Deployment server is installed. Ensure that the port numbers are the same as on the Sentinel server at /opt/novell/ to enable communications. Make a <Install_Directory>/config/configuration.xml note of these ports for future installations on other machines.
  • Page 38 Platform Action Windows Run the following command: disk1\setup.bat  Linux GUI mode: <Install_Directory>/disk1/setup.sh  Console mode: <Install_Directory>/disk1/ setup.sh –console 4 Select a language to proceed with the installation. 5 Read the Welcome screen, then click Next. 6 Read and accept the End User License Agreement. Click Next. 7 Accept the default install directory or click Browse to specify your installation location, then click Next.

  • Page 39: Manually Starting And Stopping The Sentinel Services

    13 After the installation, you are prompted to enter the username and password that are used by the ActiveMQ JMS strategy to connect to the broker. Use the username collectormanager, and its corresponding password that is available in the file on the opt/novell/sentinel6_rd_x86-64/config/activemqusers.properties Sentinel server. An example for the credentials available in the is given below: activemqusers.properties...

  • Page 40: Post-Installation Configuration

    Platform Command Linux <Install_Directory>/bin/sentinel.sh stop Windows <Install_Directory>/bin/sentinel.bat stop 4.8 Post-Installation Configuration This section helps you understand the post-installation configuration for the Sentinel 6.1 Rapid Deployment services.  Section 4.8.1, “Configuring an SMTP Integrator to Send Sentinel Notifications,” on page 40 Section 4.8.2, “Collector Manager Services,”...
  • Page 41 By default, it creates events at the rate of 5 events per second (eps). This Collector can be used to test the installation. Additional Collectors can be downloaded from the Novell Web site (http://support.novell.com/products/sentinel/collectors.html). Starting the Collector Manager Services...

  • Page 42: Managing Time

    Exporting an Organizational CA's Self-Signed Certificate (http://www.novell.com/documentation/edir88/ edir88/?page=/documentation/edir88/edir88/data/a7elxuq.html). For exporting an eDirectory CA certificate in iManager, the Novell Certificate Server plug- ins for iManager must be installed. For more information on installing an iManager plug-in, see Downloading and Installing Plug-in Modules (http://www.novell.com/documentation/ imanager27/imanager_admin_273/?page=/documentation/imanager27/imanager_admin_273/ data/hk42s9ot.html).
  • Page 43 For LDAP authentication in Hotfix 2, Active Directory must additionally be configured to allow anonymous searches. For more information, see Configuring Active Directory to Allow Anonymous Queries for NSL LDAP Client (http://www.novell.com/coolsolutions/appnote/ 15120.html). In SP1, this is applicable only if you select “Anonymous searches on LDAP directory”...
  • Page 44 Deployment server. The default location is: <Install_Directory> LDAP directory The value is 1 for Novell eDirectory or 2 for Active Directory. The default value is 1. LDAP server hostname or IP address The hostname or the IP address of the machine where the LDAP server is installed.
  • Page 45 The subtree in the directory that has the user objects. The following are examples for specifying the subtree in eDirectory and Active Directory:  eDirectory: ou=users, o=novell NOTE: For eDirectory, if no subtree is specified, then the search is run on the entire directory.  Active Directory:...

  • Page 46: Configuring Ldap Failover Servers

    For each existing LDAP user, right-click and select User Details and enter the fully qualified DN of the LDAP user in the LDAP User DN field. For more information on creating an LDAP user, see “Creating a User Account Through LDAP Authentication”...

  • Page 47: Ldap Authentication Without Performing Anonymous Searches

    IP:636/DN of the Container that contains the user objects" authIdentity="{USERNAME}@Domain Name" userFilter="(&(sAMAccountName={USERNAME})(objectclass=user))" useSSL=true; For example: LdapLogin { com.sun.security.auth.module.LdapLoginModule required userProvider="ldap://137.65.151.12:636/DC=Test- AD,DC=provo,DC=novell,DC=com" authIdentity="{USERNAME}@Test-AD.provo.novell.com" userFilter="(&(sAMAccountName={USERNAME})(objectclass=user))" useSSL=true; 5 Restart the Sentinel service: /etc/init.d/sentinel stop /etc/init.d/sentinel start Installing Sentinel 6.1 Rapid Deployment...

  • Page 48: Migrating Ldap Users From Sentinel 6.1 Rapid Deployment Hotfix 2 To Sentinel 6.1 Rapid Deployment Sp1

    4.9.4 Migrating LDAP Users from Sentinel 6.1 Rapid Deployment Hotfix 2 to Sentinel 6.1 Rapid Deployment SP1 In Sentinel Rapid Deployment Hotfix 2, LDAP users are created by using the Domain authentication option in the User Manager window of Sentinel Control Center. In Sentinel Rapid Deployment SP1, LDAP users are created by using a new option called LDAP Authentication.

  • Page 49: Security Considerations For Sentinel 6.1 Rapid Deployment

    Security Considerations for Sentinel 6.1 Rapid Deployment This section provides specific instructions on how to securely install, configure, and maintain ® Novell Sentinel™ 6.1 Rapid Deployment.  Section 5.1, “Securing Communication Across the Network,” on page 49 Section 5.2, “Securing Users and Passwords,” on page 51 ...

  • Page 50: Communication Between The Sentinel Server And The Sentinel Client Applications

    <strategy active="yes" id="proxied_client" location="com.esecurity.common.communication.strategy.proxystrategy.ProxiedCl ientStrategyFactory" > <transport type="ssl"> <ssl host="164.99.18.162" port="10013" keystore="./.novell/sentinel/ .proxyClientKeystore" /> </transport> </strategy> For more information on setting up custom server and client certificates, see “Processes” in the Sentinel 6.1 Rapid Deployment User Guide.

  • Page 51: Communication Between The Collector Managers And Event Sources

    Connector can be configured to encrypt their communication with their respective devises. For more information on the possible security features that can be enabled, refer to the Connector and Event source vendor documentation given in the Novell Sentinel Content Page (http:// support.novell.com/products/sentinel/secure/sentinel61.html). 5.1.5 Communication with the Web Browsers The Web server is by default configured to communicate via HTTPS.

  • Page 52: Sentinel Application And Database Users

    /home/novell user is not set by default in order to maximize security. If you want to log in to the system as the novell user, you must set a password for the user after installation. Collector Manager Installation Linux: The installer prompts you to specify the name of the system user who will own the installed files, as well as the location to create its home directory.

  • Page 53: Securing Sentinel Data

    <Installation_Directory>/config/server.xml <class>esecurity.base.ccs.comp.dataobject.ConnectionManager</class> <property name="username">appuser</property> <property name="password">7fA+ogBMeK7cRbJ+S6xJ/ InLBUi+sRVGK5qYycDxfIqGDHVX9FApWg==</property> Advisor Credentials <obj-component id="DownloadComponent"> <class>esecurity.ccs.comp.advisor.feed.NewAdvClientDownload</class> <property name="advisor.downloadfrom.url">https://secure-www.novell.com/ sentinel/advisor/advisordata</property> <property name="username">kveerareddy</property> <!-- Set the password (encrypted) using the adv_change_password script - -> <property name="password">jqhlWIX8HD6GDHVX9FApWg==</property> <property name="compression.enabled">true</property> <!-- Set the following properties to connect through an HTTP proxy.
  • Page 54 Configuration.xml <strategy active="yes" id="jms" location="com.esecurity.common.communication.strategy.jmsstrategy.activemq.Ac tiveMQStrategyFactory" name="ActiveMQ"> <jms brokerURL="ssl:// localhost:61616?wireFormat.maxInactivityDuration=0&amp;jms.copyMessageOnSend= false" interceptors="compression" keystore="../config/ .activemqclientkeystore.jks" keystorePassword="password" password="ebccfebf4ec3dac874494b992a91a3c9" username="system"/> </strategy> das_binary.xml <class>esecurity.base.ccs.comp.dataobject.ConnectionManager</class> <property name="username">appuser</property> <property name="password">7fA+ogBMeK7cRbJ+S6xJ/ InLBUi+sRVGK5qYycDxfIqGDHVX9FApWg==</property> das_core.xml <class>esecurity.base.ccs.comp.dataobject.ConnectionManager</class> <property name="username">appuser</property> <property name="password">7fA+ogBMeK7cRbJ+S6xJ/ InLBUi+sRVGK5qYycDxfIqGDHVX9FApWg==</property> Some database tables store passwords and certificates. This sensitive data is encrypted and is stored in the tables listed below.
  • Page 55 Locations for Configuration Data and Event Data Table 5-1 Components Location for Configuration Data Location for Event Data Sentinel 6.1 Rapid Database tables and the file system Database (EVENTS, Deployment Server CORRELATED_EVENTS, and <Install_Directory>/ config EVT_SMRY_*, AUDIT_RECORD tables) and the file system at This configuration information <Install_Directory>/data/ includes the encrypted database,...

  • Page 56: Backing Up Information

     Load Recovery Certificates. The Novell Sentinel service by default is not configured for the Recovery agent. During server configuration via YaST, ensure that the Recovery agent path is configured. This path should contain the list of certificates that the service can load for the users to select from.

  • Page 57: Securing The Operating System

    Linux Enterprise Server (SLES) 10  SP2 or later. For more information on securing a SLES machine, see the SuSE Linux Enterprise Server 10 documentation (http://www.novell.com/documentation/sles10/ sles_admin/data/part_security.html). Secure access to the Sentinel 6.1 Rapid Deployment server with a firewall. If the Sentinel ...

  • Page 58: Generating An Ssl Certificate For The Server

    5.7 Generating an SSL Certificate for the Server You can replace the self-signed certificate with a certificate signed by a major Certificate Authority (CA), such as VeriSign*, Thawte*, or Entrust*. You can also replace the self-signed certificate with a certificate signed by a less common CA, such as a CA within your company or organization. For more information, see “Certificate Management for Sentinel 6.1 Rapid Deployment Server”...

  • Page 59: Advisor Configuration

    Advisor data to the machine. The Advisor data can be manually downloaded from the following location by using the Novell eLogin and password for the user who is entitled to the Advisor subscription: Advisor Data (https://secure-www.novell.com/sentinel/advisor/advisordata)

  • Page 60: Maintaining Advisor

    6.3 Maintaining Advisor Several maintenance tasks for Advisor that are described in the Sentinel user guide: Changing the password Advisor uses for automatic data updates, if needed   Changing the configuration for Advisor notification mail. Changing the scheduled data update time. ...

  • Page 61: Testing The Sentinel 6.1 Rapid Deployment Installation

    Support (http://support.novell.com/phone.html?sourceidint=suplnav4_phonesup) if necessary. To test the installation: 1 Log in to a Sentinel 6.1 Rapid Deployment Web interface. For more information, see “Accessing the Novell Sentinel Web Interface” in the Sentinel 6.1 Rapid Deployment User Guide. 2 Select the Search page and search for any internal event. One or more events should be returned.
  • Page 62 For more information, refer to “Running Reports” in the Sentinel 6.1 Rapid Deployment User Guide. 4 In the Applications page, click Launch Sentinel Control Center. 5 Log into the system by using the Sentinel Administrative User specified during installation (admin by default). The Sentinel Control Center opens and you can see the Active Views tab with the events filtered by the public filters Internal_Events and High_Severity.
  • Page 63 15 Hold down the Ctrl or Shift key and select multiple events from the Historical Event Query window. 16 Right-click and select Create Incident. Testing the Sentinel 6.1 Rapid Deployment Installation...
  • Page 64 17 Name the incident TestIncident1 and click Create. When a success notification displays, click 18 Click the Incident tab to see the incident you just created in the Incident View Manager. 19 Double-click the incident to display. 20 Close the Incident Window. 21 Click the Analysis tab.
  • Page 65 24 Specify a name, select a filter, select a time period, then click OK. 25 Click Browse to view the list of events and associated details in the Active Browser window. You can view the details such as Collector, Target IP, Severity, Target Service Port, Resource etc.
  • Page 66 28 Click Simple. Simple Rule window displays. Sentinel 6.1 Rapid Deployment Installation Guide...
  • Page 67 29 Use the drop-down menus to set the criteria to Severity=4, then click Next. The Update Criteria window displays. 30 Select Do not perform actions every time this rule fires and use the drop-down menu to set the time period to 1 minute. Click Next. The General Description window displays. 31 Name the rule as TestRule1, provide a description, and click Next.
  • Page 68 33b In the Configure Action window, specify the following:  Specify the action name. For example, CorrelatedEvent Action. Select Configure Correlated Event from the Action drop-down list.  Set the Event Options.   Set the Severity to 5. Specify the EventName. For example, CorrelatedEvent. ...
  • Page 69 38 Select Correlation Engine Manager. Under the Correlation engine, you can see the rule is deployed and enabled. 39 Trigger an event of severity 4 such as failed authentication to fire the deployed correlation rule. For example, open a Sentinel Control Center login window and give wrong user credentials to generate such an event.

  • Page 70: Cleaning Up After Testing

    44 Click each tab to verify that you can access it. 45 Close Sentinel Data Manager. If you proceeded through all of these steps without errors, you have completed a basic verification of the Sentinel system installation. 7.2 Cleaning Up after Testing After completing the system verification, you should remove the objects created for the tests.

  • Page 71: Getting Started

    For more information, see Sentinel 6.1 Rapid Deployment User Guide. Sentinel Solution Packs can help you get started quickly. See The Sentinel Content Page (http://support.novell.com/products/sentinel/ sentinel61.html) for more details. Testing the Sentinel 6.1 Rapid Deployment Installation...
  • Page 72 Sentinel 6.1 Rapid Deployment Installation Guide...

  • Page 73: Uninstalling Sentinel 6.1 Rapid Deployment

    IMPORTANT: Unless you remove the directory, the uninstallation sentinel6_rd_x86-64 of Sentinel 6.1 Rapid Deployment is not complete. 9 Remove the environment variable entries that were added to the novell user's profile: 9a Open the file with vi: .bashrc vi ~novell/.bashrc 9b Remove the following lines from the file: Uninstalling Sentinel 6.1 Rapid Deployment...

  • Page 74: Uninstalling The Remote Collector Manager And Sentinel Client Applications

    APP_HOME=/opt/novell/sentinel6_rd_x86-64 export PATH=$APP_HOME/bin:$PATH 9c Save your changes. 10 Remove the entry from the file from the home directory of the novell user: dbauser .pgpass vi ~novell/.pgpass After uninstalling Sentinel, certain system settings remain, which you can manually remove. These settings should be removed before performing a clean installation of Sentinel, particularly if the Sentinel uninstallation encountered errors.

  • Page 75: Windows

    8 Click Uninstall. 9 Click Finish. 8.2.2 Windows 1 Log in as an Administrator user. 2 Do either of the following:  Select Start > All Programs > Sentinel > Uninstall Sentinel. Select Start > Run, enter , then double-click ...
  • Page 76 %CommonProgramFiles%\InstallShield\Universa contents. 2 Delete the folder (by default: <Install_Directory> C:\Program Files\Novell\Sentinel6 3 Right-click My Computer > Properties > the Advanced tab. 4 Click the Environment Variables button. 5 If they exist, delete the following variables: ESEC_HOME  ESEC_VERSION ...

  • Page 77: A Updating The Sentinel 6.1 Rapid Deployment Hostname

    Updating the Sentinel 6.1 Rapid Deployment Hostname  Section A.1, “Server,” on page 77 Section A.2, “Client Applications,” on page 77  A.1 Server On the Sentinel server, hostname changes are automatically updated during run time or during the installation. If the server does not properly function after a hostname update, you must manually verify the following: ...
  • Page 78 Sentinel 6.1 Rapid Deployment Installation Guide...

  • Page 79: B Troubleshooting Tips

    Identity Audit process is either running, or its uninstall is incomplete. ® Action: Sentinel 6.1 Rapid Deployment and Novell Identity Audit cannot be installed on a same machine. Before you install Sentinel 6.1 Rapid Deployment on the machine where Identity Audit is installed, ensure that you uninstall Identity Audit completely.

  • Page 80: Remote Collector Manager Throws Exception On Windows 2008 When Uac Is Enabled

    B.3 Remote Collector Manager Throws Exception on Windows 2008 When UAC is Enabled Problem: Log in as any user who belongs to the Administrator group. Execute the setup.bat command in a terminal prompt to install the collector Manager. Restart the system or start the Collector Manager services manually, then log in with the same user credentials.

  • Page 81: C Manually Configuring Sentinel 6.1 Rapid Deployment Server For Ldap Authentication

    To configure the Sentinel server by using the script, see ldap_auth_config.sh 1 Login to the Sentinel 6.1 Rapid Deployment server. 2 Change the directory to /opt/novell/<Install_Directory>/config cd /opt/novell/<Install_Directory>/config 3 Open the file in a text editor. auth.login vi auth.login 4 Modify the entry...
  • Page 82 Active Directory LdapLogin { com.sun.security.auth.module.LdapLoginModul e required userProvider="ldap://137.65.151.12:636/ CN=Users,DC=test- AD,DC=provo,DC=novell,DC=com" userFilter="(&(sAMAccountName={USERNAME})(o bjectclass=user))" useSSL=true; 5 Save auth.login 6 Use the Java* keytool program available at to create a <sentinel base>/jre/bin/keytool java keystore named by running the following command: ldap_auth.keystore...

  • Page 83: D Documentation Updates

    This section contains information about documentation content changes made to the Installation Guide for Novell Sentinel 6.1 Rapid Deployment. If you are an existing user, review the change entries to readily identify modified content. If you are a new user, simply read the guide in its current state.
  • Page 84 Section 3.3, “Hardware Requirements,” on Updated the section with the latest test matrix available in page 24 the Sentinel twiki. Fixed the following bugs:  Defect#518925 (http://bugzilla.novell.com/ show_bug.cgi?id=518925)  Defect#519934 (https://bugzilla.novell.com/ show_bug.cgi?id=519934) Chapter 4, “Installing Sentinel 6.1 Rapid Added a new section on configuring Sentinel for LDAP Deployment,”...

This manual is also suitable for:

Sentinel rapid deployment 6.1

Table of Contents