Tag: ASA
-
Centrally Managing SUDO Rules with Okta Privileged Access
Sudo provides a granular access control mechanism on many *nix variants (if you run a Mac, sudo is the thing prompting for the password when you try to do something). The ability to centrally manage sudo rules and grant access via policy has recently been added to Okta Privileged Access. This article explores the new…
-
Using Custom Labels in OPA for More Flexible Policies
This article looks at the new custom labels feature in Okta Privileged Access (OPA) and how they can be used to make policy management and assignment more flexible. This is a parity feature that was available in Okta Advanced Server Access and is now available in OPA. Labels in Okta Privileged Access When a server…
-
Okta Privileged Access and the Reports API – Who has Access to What and How?
With the release of Okta Privileged Access, an API has also been released to provide programmatic access into objects managed by it, such as servers, secrets and gateways. There is a set of Access Reports APIs to allow for external reporting on who has access to what and how. This article explores the APIs, the…
-
Okta Privileged Access – A Look at the Data Model
This article provides a simplified view of the data model used in Okta Privileged Access (OPA). Note that this is a logical view of data objects and their relationships, and the term “object” is used very loosely (more like data types). Also this is based on the current Early Access product and may change with…
-
Extracting Okta ASA Audit Log with Okta Workflows
The audit logs in Okta Advanced Server Access (ASA) can be viewed in the ASA administrative interface or extracted via the ASA Audit V2 API (and this is what the integrations with SIEM tools do). But what about the situation where you just need to extract all the logs and process them somewhere? You could…
-
Can ASA Work With a Shared User Directory and Linux Servers?
Using a shared user directory for user authentication across server farms has been a common pattern since the 1990’s. Microsoft adopted it with Active Directory, but we’ve had NIS deployments for many years. Can Okta Advanced Server Access (ASA) work where user authentication is delegated to a central shared directory? Yes. This article looks at…
-
Troubleshooting Okta Advanced Server Access (ASA)
This post looks at the tools to use when troubleshooting issues with Okta Advanced Server Access (ASA). It’s not a “if you see this error, go do this” article – Google is great for that! This will look at where to go look for diagnostic info to help troubleshoot issues. Revisiting the Okta Components and…
