Modify pm.settings for connection failure

Getting the following error;

pmplugin7.2.2.9:Keystroke logging connection failed to master: localhost”

In order to get plugin clients to work in offline mode instead of connecting to the master, I'm thinking of changing pm.settings "offlinetimeout" to be 0. This should get the clients to run in offline mode.

However, it seems like the plugins aren't pulling the change to pm.settings after changing it on the policy server and restarting the daemon. Is there a way to distribute the pm.settings, or should the plugin be picking up changes on the policy server? And in general, is switching to offline mode the correct thing to be doing in this circumstance?

  • Hello Andrew,

    Jason Bauer here from One Identity Support.

    The pm.settings file is local to each system. The behavior you have described is expected. There isn't a method within the product to distribute the pm.settings file.

    Yes setting "offlinetimeout 0" on the agents in the /etc/opt/quest/qpm4u/pm.settings file forces the service to always perform offline (local-only) policy evaluation for sudo requests.

    Thank you

    Jason Bauer

  • Hi Jason,

    Thanks for the reply! 

    Is there a way of setting up pmgit to distribute the file? Or possibly just using git in some other fashion to have a master copy of pm.settings?