6.9 Auditing NMAS Events

There are two products you can use to audit NMAS events:

  • NetIQ Audit Secure Logging Server

    You can use the NetIQ Audit Secure Logging Server to install the nmas_en.lsc file. This file is located in the following directories:

    Windows: novell\nds

    Linux: /opt/novell/eDirectory/lib/nds-schema (relative to where eDirectory is installed)

    For information on installing and managing NetIQ Audit, see the NetIQ Audit online documentation.

  • NetIQ Sentinel

    For information on installing and managing NetIQ Sentinel, see the NetIQ Sentinel online documentation.

With either product, you also need to enable NMAS Audit by using the NMAS 3.3 or later plug-in for iManager.

  1. Install the NMAS 3.3 or later plug-in into iManager.

    You can download the NMAS 3.3 or later plug-in from the Novell Download site

  2. In iManager, on the Roles and Tasks menu, click Directory Administration > Modify Object.

  3. Browse for and select the Login Policy object, then click OK.

  4. Click the NMAS tab, then click Settings.

  5. Click the box next to Enable auditing, then click OK.

6.9.1 Using External Certificates with NetIQ Audit

To use an external certificate with NMAS and NetIQ Audit, you must first convert the certificate into two .pem files with the following names:

  • nmascert.pem: This is the file containing the certificate.

  • nmaskey.pem: This is the file containing the private key.

These files need to be copied to the following directories on each platform for each NMAS server in the system:

  • Linux/UNIX: /etc

  • Windows: the return from GetWindowsDirectory (typically c:\windows)

NMAS provides the nmascert.pem and the nmaskey.pem files to the NetIQ Audit platform agent when the log is open, if they exist. If the files don’t exist, NMAS provides the internal certificate and key to the NetIQ Audit platform agent.

6.9.2 Using XDASv2 for Auditing NMAS Events

NMAS events can be audited using XDASv2.

  1. Install the NMAS 3.3 or later plug-in into iManager.

    You can download the NMAS 3.3 or later plug-in from the Novell Download site

  2. In iManager, on the Roles and Tasks menu, click Directory Administration > Modify Object.

  3. Browse for and select the Login Policy object, then click OK.

  4. Click the NMAS tab, then click Settings.

  5. Click the box next to Enable auditing, then click OK.

When NMAS auditing is enabled, if both Platform Agent and XDASv2 modules are installed and configured, NMAS logs events to both Platform Agent and XDASv2. For detailed installation and configuration instructions on XDASv2, refer to the NetIQ XDASv2 Administration Guide.