NetIQ Documentation: Novell Modular Authentication Services 3.3.4 Administration Guide

8.9 Auditing NMAS Events

There are two products you can use to audit NMAS events:

Novell Audit Secure Logging Server

You can use the Novell Audit Secure Logging Server to install the nmas_en.lsc file. This file is located in the following directories:

Windows: novell\nds

Linux, Solaris, and AIX: /opt/novell/eDirectory/lib/nds-schema (relative to where eDirectory is installed)

For information on installing and managing Novell Audit, see the Novell Audit online documentation.
Novell Sentinel

For information on installing and managing Novell Sentinel, see the Novell Sentinel online documentation.

With either product, you also need to enable NMAS Audit by using the NMAS 3.3 or later plug-in for iManager.

Install the NMAS 3.3 or later plug-in into iManager.

You can download the NMAS 3.3 or later plug-in from the Novell Download site
In iManager, on the Roles and Tasks menu, click Directory Administration > Modify Object.
Browse for and select the Login Policy object, then click OK.
Click the NMAS tab, then click Settings.
Click the box next to Enable auditing, then click OK.

8.9.1 Using External Certificates with Novell Audit

To use an external certificate with NMAS and Novell Audit, you must first convert the certificate into two .pem files with the following names:

nmascert.pem: This is the file containing the certificate.
nmaskey.pem: This is the file containing the private key.

These files need to be copied to the following directories on each platform for each NMAS server in the system:

Linux/UNIX: /etc
Windows: the return from GetWindowsDirectory (typically c:\windows)

NMAS provides the nmascert.pem and the nmaskey.pem files to the Novell Audit platform agent when the log is open, if they exist. If the files don’t exist, NMAS provides the internal certificate and key to the Novell Audit platform agent.

8.9.2 Using XDASv2 for Auditing NMAS Events

NMAS events can be audited using XDASv2.

Install the NMAS 3.3 or later plug-in into iManager.

You can download the NMAS 3.3 or later plug-in from the Novell Download site
In iManager, on the Roles and Tasks menu, click Directory Administration > Modify Object.
Browse for and select the Login Policy object, then click OK.
Click the NMAS tab, then click Settings.
Click the box next to Enable auditing, then click OK.

When NMAS auditing is enabled, if both Platform Agent and XDASv2 modules are installed and configured, NMAS logs events to both Platform Agent and XDASv2. For detailed installation and configuration instructions on XDASv2, refer to the Novell XDASv2 Administration Guide.