Scanning Linux / Unix sudoer file using Safeguard

Hi Rohit,

When adding a rule in the Account Discovery profile, you can find by Property Constraint: Select this option to search for accounts based on an account's property. Available Unix properties are GID, UID, Name, and Group.

So if the sudoers have a group membership for example in common then you can use the group name property to identify the sudoers users.

https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-passwords/2.11/administration-guide/48#TOPIC-1350226

Thanks!

Tawfiq

Hi Rohit,

When adding a rule in the Account Discovery profile, you can find by Property Constraint: Select this option to search for accounts based on an account's property. Available Unix properties are GID, UID, Name, and Group.

So if the sudoers have a group membership for example in common then you can use the group name property to identify the sudoers users.

https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-passwords/2.11/administration-guide/48#TOPIC-1350226

Thanks!

Tawfiq

Thanks for your response Tawfiq.

This is what I was also doing, but in our case there might be users who are directly (manually) added to sudoer file which may or may not be a member of any of the known admin groups. This is not the ideal case but its what we are trying to identify.

I will continue my research and will update something here if I find.

Thanks !!

Rohit Joshi