So are the 7.1 agents backwards compatible to v6.7? i.e. we leave the master and replicas as is (on 6.7), and only introduce the new v7.1 agents on the new RHEL7 servers, with the 7.1 agents having the required backwards compatibility to integrate into the 6.7 environment.
Folks, I am going through an upgrade of BoKS 6.7p1 and I am moving straight to BoKS 7.1, while doing this I found out that the BoKS upgrade breaks my ability to perform securid token authentication on the newly upgraded server. I am being told that the change in the RSA agent in the new BoKS code has changed authentication from UDP to TCP and there is a change from the node secret to now they use an SSL cert. Right now my upgrade path requires me to touch RSA for every server that is upgraded. Another little bump in the road is that the name of the server and the name of the agent host record in RSA must match or I can not login. Has anyone else experienced this and do you have any recommendation on how to get around this?
In the Password policies configuration, it's easy to create policy requiring a minimum number of different character types to meet complexity rules to meet your company's standards. It's not uncommon however to see a standard that requires 3 of the 4 character types (uppercase, lowercase, digits, special characters). To meet this standard, you can leverage the regex rules configuration.
The following rules will accomplish this:
pswadm regexp -a '^[[email protected]$%^&*()_=+;:~-]*$' -f EXT -f POS # Defines the acceptable characters for passwords
pswadm regexp -a '^[A-Za-z]*$' -f EXT # Rejects a password containing only upper and lower
pswadm regexp -a '^[A-Z0-9]*$' -f EXT # Rejects a password containing only upper and digit
pswadm regexp -a '^[[email protected]$%^&*()_=+;:~-]*$' -f EXT # Rejects a password containing only upper and symbol
pswadm regexp -a '^[a-z0-9]*$' -f EXT # Rejects a password containing only lower and digit
pswadm regexp -a '^[[email protected]$%^&*()_=+;:~-]*$' -f EXT # Rejects a password containing only lower and symbol
pswadm regexp -a '^[[email protected]$%^&*()_=+;:~-]*$' -f EXT # Rejects a password containing only digit and symbol
So far I've sunk sixty hours into making a functional PoC, which installs and configures a properly running BoKS client. I would like to thank Mark Lambiase for offering me the chance to work on this project as a research consultant for FoxT. I'd also like to thank Ger Apeldoorn for his coaching and Ken Deschene for sparring with me.
I want to configure my alarm logs to email a specific set of users each time there are specific events that come through the BoKS system. I have set my alarm logs to capture the relevant events and I have configured my email server so that I am able to send the mail to the users from a command line interface. In the Domain Settings on the BoKS Control Center GUI, under Audit log configuration, Alarm log command: |/bin/mail -s "Alarm Logs" [email protected][email protected] etc. I am still not receiving any alarm logs through email. I am using postfix and have confirmed correct configuration of the smtp settings. Does anyone have any idea what I might be missing? Thanks.