Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

Tectia

Tectia® Manager 6.2

Administrator Manual

Tectia Corporation

This software is protected by international copyright laws. All rights reserved. Tectia® and ssh® are registered trademarks of Tectia Corporation in the United States and in certain other jurisdictions. The Tectia and SSH logos are trademarks of Tectia Corporation and may be registered in certain jurisdictions. All other names and marks are property of their respective owners.

No part of this publication may be reproduced, published, stored in an electronic database, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, for any purpose, without the prior written permission of Tectia Corporation.

THERE IS NO WARRANTY OF ANY KIND FOR THE ACCURACY OR USEFULNESS OF THIS INFORMATION EXCEPT AS REQUIRED BY APPLICABLE LAW OR EXPRESSLY AGREED IN WRITING.

For Open Source Software acknowledgements, see appendix Open Source Software License Acknowledgements in the Administration Manual.

9 September 2011


Table of Contents

1. About This Document
Intended Audience
System Task Flow
Related Documents
Component Terminology
Documentation Conventions
Operating System Names
Directory Paths
Customer Support
2. Installing Management Server
Planning the Management Server Installation
System Requirements of Management Server
Security Precautions
Preparing for Installation
Installing the Management Server Software
Installing on Linux
Installing on Solaris
Using an Oracle Database
Initial Configuration for Management Server
Directory Structure of the Management Server
Files Created during Installation
Files Created during Initial Configuration
Tectia Manager Configuration File
Using Custom Certificate for Administration Interface
Defining Login Banner Message for Administration Interface
Upgrading Tectia Manager
Upgrading Tectia Manager with Sybase Database
Upgrading Tectia Manager with Oracle Database
Removing the Management Server
3. Getting Started with Tectia Manager
Using the Administration Interface
Changing the Superuser Password
Changing the Superuser Timezone
Logging Out
Creating Host Views
Creating Host Groups
Create an Administrator Role for File Transfer Auditors
Creating Admin Account for the Auditor
Creating Admin Group for the Auditor
4. Managing Administrators
Managing Admin Accounts
Creating a New Admin Account
Editing or Deleting an Admin Account
Managing Admin Groups and Permissions
Host-Group Management Rights
System Permissions
Creating a New Admin Group
Editing or Deleting an Admin Group
Configuring Extended Admin Authentication
Configuring LDAP Authentication Parameters
Configuring Certificate Authentication Parameters
Configuring Authentication Settings
Viewing the Audit Logs on Administrator Actions
5. Installing Management Agents
Planning the Management Agent Installation
System Requirements of the Management Agent
Installation Options
After Installation
Managing Initial Configuration Blocks (ICBs)
Creating ICBs
Downloading ICBs
Editing ICBs
Expiring ICBs Manually
Installing Management Agents
Installing Manually on Linux
Installing Manually on Solaris
Installing Manually on AIX
Installing Manually on HP-UX
Installing Manually on Windows
Using Third-Party Software Deployment Tools
Upgrading Management Agents Remotely
Directory Structure of the Management Agent
Unix Platforms
Windows
Removing the Management Agent Manually
Removing from Linux
Removing from Solaris
Removing from AIX
Removing from HP-UX
Removing from Windows
6. Configuring Management Agents
Configuring the Syslog Facility for Management Agent (Unix)
Enabling Log Collection in Management Agent Configuration
Assigning and Deploying Management Agent Configuration
7. Distributed Environment
Managing Distribution Server Hierarchy
Adding Distribution Groups
Editing Distribution Groups
Deploying Distribution Server Hierarchy
8. Managing Host Data
Managing Host Views
Adding and Modifying Host Views
Managing Host Groups
Adding and Modifying Host Groups
Assigning Hosts to Groups
Managing Auto-Assign Rules
Managing the Host Groupings Manually
Advanced Host Search
Viewing Host Info
Collecting Host Logs
Collecting and Viewing Tectia Server Logs
Viewing the Event Logs
Viewing the Audit Logs
Reports on Host Data
Viewing Reports
Viewing System Statistics
Viewing Host Summary Reports
9. Managing Host Authentication
Host Key Management
Host Key Distribution
Host Key GUI
Host Certificate Management
Using Certificates
Prerequisites for Using Certificate Authentication
Configuring PKI Settings for CA
Configuring Enrollment Settings
Enrollment Jobs
Managed Host Certificate
10. Installing Tectia on the Managed Hosts
Importing Tectia Packages into Tectia Manager
Importing Tectia Installation Disk Contents
Importing a Single Tectia Installation Package
Importing Downloaded Update and Upgrade Packages
Installing Tectia Remotely via Tectia Manager
Installing Tectia Client via Tectia Manager
Installing Tectia ConnectSecure via Tectia Manager
Installing Tectia Server via Tectia Manager
Upgrading Tectia Remotely via Tectia Manager
Removing Tectia Remotely via Tectia Manager
11. Configuring SSH Product Settings
Configuring Tectia
Configuration Options
Configuration Task Flow
Tectia Configuration Commands
Advanced XML Configuration
Configuring OpenSSH
Creating New OpenSSH Configurations
Importing OpenSSH Configurations
Enabling SFTP Logging on OpenSSH Server
Viewing and Comparing Configurations
Assigning Configurations per Group
Deploying Configurations
Automatically Detected Changes in Managed Files
Configuring Certificate Authentication
Configuring Certificate Authentication on Tectia Server
Configuring Certificate Authentication on Tectia Client/ConnectSecure
User Certificate Authentication
Other Host Management Options
Stopping and Starting Secure Shell Servers Remotely
12. Auditing Secure and Managed File Transfers
Auditing the File Transfer Data
Generating Reports from File Transfer Logs
Auditing the MFT Events Logs
Generating Reports of MFT Events
13. Maintaining Management Server
Backing Up Configuration Data and Database Files
Creating a Backup
Restoring a Backup
Managing Logs
Configuring the Syslog Facility for Management Server
Deleting or Downloading Logs
Recreating Superusers
Changing External Database Password
Exporting Information from Database
Changing Management Server DNS Address
14. Troubleshooting
Troubleshooting Management Server and Management Agent
Problems with Importing Tectia Software to Management Server
Problems with Management Server
Problems with Management Agents
Problems with LDAP Authentication
A. Advanced Information
Tectia Manager Components
Management Server
Management Agent on Unix
Management Agent on Windows
Management Server Log Collection Process
Default Ports
Automatic Initial Deployment
Activating Automatic Initial Deployment
Installing Remotely
B. Supported Configuration Options
Tectia Configuration Options
Client
Server
Client XML
Server XML
Management Agent Configuration Options
C. Log Messages
D. OSS License Acknowledgements
E. GNU Lesser General Public License version 3
Glossary
Index

===AUTO_SCHEMA_MARKUP===