Centrify DirectAudit 2.0.x
Is it possible to open a DA 2.x installation with DA console 3.x?. When its opened, a warning (advisory) is issued to notify customer that "console upgrade is available".
The goal here is the Analyzer/Auditor console will be used and auditor (s) need to have from a single console with the ability to review both Unix/Linux AND Windows audited sessions. Its not possible to upgrade completely to DA 3.x infrastructure due to standards. As it's not possible to install two different versions of the Console on the same computer, are there any alternatives?
In a nutshell, per our design, DA 3.x cannot talk to an older DA installation/database (in this example, DA 2.x). This is enforced and cannot be bypassed.
Old console (e.g. DA 2.x) can still talk to new DA installation/database (e.g. DA 3.x) but it will show an advisory warning that console upgrade is available; this warning can be ignored. Administrative functions should not be performed.
When using older console with new installation/database, the following behavior is expected and inevitable:
1) Available features – New installation/database typically introduces new features which are made available through new console UI. If customer is using old console, they will miss these features even though the backend database is supporting them. E.g. In DA 3.x, its possible to disable video auditing using UI provided in
DA 3.x Audit Manager console; When using older console, its not possible to change these settings.
2) Potential dangerous operations – When using old console with new installation, all administrative operations that result into a new database must be avoided.
This includes operations such as creating new Audit Store database or setting it active or attaching an older Audit Store database. When creating a new Audit Store database using older console, it will simply try to create database complying with older schema and the operation will fail. Therefore administrative operations should not be performed.
3) Safe operations – Some operations are considered safe even when using older console to connect to newer installation. This includes actions such
as “Creating new Audit Role”, “Adding users to existing Audit Role”, “Replaying sessions using Audit Analyzer/Auditor Console”, “Changing review status of session”
and many more.
4) Unsupported operations – Newer version of database/installation may support new query syntax for searching sessions. If customer is using older version
of console, it may not understand this syntax and throw an error when executing a saved query. E.g. In DA 3.x, user can search for sessions that are “marked to be deleted”; DA 2.x does not understand what is “marked to be deleted”. If user X creates a new shared query that searches for all such sessions and then another
user Y tries to run that query using older version of console, it will throw an error.
5) Other missing features are audit Events and reports.
6) The ability to “Delete session” using the console (In 3.x console, when you right click on a session, the menu shows “Delete” option) is not available in 2.x console