Scanning Linux / Unix sudoer file using Safeguard

Hello Everyone,

Is there a way to scan the Linux sudoer file for privileged accounts? Does Safeguard provides an ability to do that? I was looking at ways we can do it, like writing a script to login to the machine and scanning the file, but is there a way to do it out of the box.

I am new to Safeguard so if this question appears to be really naive please don't mind.

Thanks !!

Rohit Joshi

0 Tawfiq.Ahmad over 4 years ago

Hi Rohit,

When adding a rule in the Account Discovery profile, you can find by Property Constraint: Select this option to search for accounts based on an account's property. Available Unix properties are GID, UID, Name, and Group.

So if the sudoers have a group membership for example in common then you can use the group name property to identify the sudoers users.

https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-passwords/2.11/administration-guide/48#TOPIC-1350226

Thanks!

Tawfiq
Cancel
Up 0 Down

Reply

Verify Answer

Reject Answer

Cancel
0 Rohit Joshi over 4 years ago in reply to Tawfiq.Ahmad

Thanks for your response Tawfiq.

This is what I was also doing, but in our case there might be users who are directly (manually) added to sudoer file which may or may not be a member of any of the known admin groups. This is not the ideal case but its what we are trying to identify.

I will continue my research and will update something here if I find.

Thanks !!

Rohit Joshi
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Endpoint Privilege Management

Scanning Linux / Unix sudoer file using Safeguard