All versions of Centrify DirectAudit on all platforms
By default, Centrify DirectAudit use /var/centrifyda to store offline spool and status files. Could this be redirected to a different location and if it could, how?
The following are the steps to redirect DirectAudit to use an alternate working directory
Be sure that the "new directory" is on a filesystem that is mounted early on during boot process and must before Centrify DirectControl and DirectAudit are started.
Be sure "dad.data.dir" parameter in /etc/centrifyda/centrifyda.conf is commented out (i.e. use default /var/centrifyda)
Disable LAM/NSS by running "dacontrol -d"
Stop DirectAudit. For example in AIX, use "stopsrc -s centrifyda"
Copy everything in /var/centrifyda to the new data directory (for example /audit/dadir) and preserve all attributes, permissions and ownerships of files and directories.
Save the current data directory just in case - rename /var/centrifyda to /var/centrifyda.sav
Create a symlink to the new data directory. For example "ln -s /audit/dadir /var/centrifyda"
Restart DirectAudit. For example in AIX, use "startsrc -s centrifyda"
Re-enable LAM/NSS by running "dacontrol -e"
Note: setting parameter “dad.data.dir” in /etc/centrifyda/centrifyda.conf file will have negative unexpected outcome so please do not attempt to use it. Also, this parameter will be deprecated in the future releases.