Discovery of Linux servers with PBRUN instead of sudo

SNOW9 · ‎05-04-2020

Hi All,

We have a requirement where we need to do a Linux discovery through Powerbroker, where the credentials are installed for the servers, now when we try to use the pbrun as a privileged command and iniiate a discovery on one of the linux servers, the Mid server logs shows the SSHSessionPoolKey still has sudo as Privileged command.

However going deeper in the logs we can see pbrun being executed. Attaching Logs file for reference.

We need to know if anyone has actually implemented Discovery with Powerbroker.

Also we need to understand that is it possible to use Jump server and install Mid Server on that Jump server and then doing a Linux Discovery through Powerbroker

@tim.broberg : Can you please help here?

Regards,

Shub

SNOW9 · ‎07-02-2020

If anyone faces this issue in Future, this is what we need to do, somehow the patterns intrinsically choose the Privileged commands once selected on Mid Server, however the logs are deceiving, but better rely on the debug Mode of Patterns and check if PBRUN is being executed on target server.

Powerbroker Master has to relay the permissions to target daemons, so it is necessary the linux team configures the Powerbroker master correctly such that the commands which require privileged access such as lsof and dmidecode are being executed on daemons with pbrun.

View solution in original post

SNOW9 · ‎07-02-2020

If anyone faces this issue in Future, this is what we need to do, somehow the patterns intrinsically choose the Privileged commands once selected on Mid Server, however the logs are deceiving, but better rely on the debug Mode of Patterns and check if PBRUN is being executed on target server.

Powerbroker Master has to relay the permissions to target daemons, so it is necessary the linux team configures the Powerbroker master correctly such that the commands which require privileged access such as lsof and dmidecode are being executed on daemons with pbrun.