Learn about Security and Auditing

ESAM directory structure

Save PDF

ESAM directory structure

Save PDF

Last Updated: May 18, 2026
1 minute read

OpenEdge
Version 12.8
Documentation

ESAM is a fixed and absolute file system space that can apply root and group authorities to protect OpenEdge installation artifacts and the integrity of the OpenEdge root install path, also known as <DLC>.

ESAM is maintained by a hierarchical folder structure stored in the common system directory space on a given system, VM, or container. Each OpenEdge installation on that system is registered to ESAM. ESAM can provide governance for installations of OpenEdge 12.6 or later releases.

The following table lists the files present in the ESAM directory space. These files are used to manage, secure, and validate the OpenEdge root install path registration:


File	Location	Description
`openedge.conf`	On Linux: `/etc/openedge.d/conf/openedge.conf` On Windows: `C:\Windows\System32\openedge.d\conf\openedge.conf`	The configuration file that contains the file path of the safe space.
`oesec.pol`	On Linux: `/etc/openedge.d/conf/oesec.pol` On Windows: `C:\Windows\System32\openedge.d\conf\oesec.pol`	The policy file that contains the configuration about the action when an OpenEdge application detects that the OpenEdge installation path is either not valid or not registered with ESAM. By default, the policy is set to `OESEC_POL_NO_ACTION`. The policy can also be set to `OESEC_POL_QUALIFIED_BLOCK_ACCESS`to direct an OpenEdge application to stop running if the OpenEdge installation is not valid or not registered with ESAM. For more information on how the anonymous policy works, see "Anonymous policy" in Troubleshoot OpenEdge runtime service failures.
`oesec.pol.readme`	On Linux: `/etc/openedge.d/conf/oesec.pol.readme` On Windows: `C:\Windows\System32\openedge.d\conf\oesec.pol.readme`	The text file that lists and describes each of the policies that can be configured for ESAM in the `oesec.pol` file.
`oesec.log`	On Linux: `/etc/openedge.d/audit/oesec.log` On Windows: `C:\Windows\System32\openedge.d\audit\oesec.log`	The audit log of administrative activities and policy violations related to the security of the <DLC>.
`setdlc`	On Linux: `/etc/openedge.d/sbin/setdlc` On Windows: `C:\Windows\System32\openedge.d\sbin\setdlc`	The script used to register the root install path `<DLC>` with ESAM when the installer fails to register it. It can also be used to unregister the OpenEdge root install path <DLC> information from ESAM. When you uninstall OpenEdge, the OpenEdge uninstaller uses this script to unregister the <DLC>. This script is available only to the system administrators.
`valdlc`	On Linux: `/etc/openedge.d/bin/valdlc` On Windows: `C:\Windows\System32\openedge.d\bin\valdlc`	The script used to validate the `<DLC>` path. It is available to any developer or OpenEdge administrator who needs to validate the OpenEdge root install path <DLC>.
`oesec.reg`	On Linux: `/etc/openedge.d/oesec.reg` On Windows: In the Windows registry, at `Computer\HKEY_LOCAL_MACHINE\SOFTWARE\PSC\PROGRESS\OpenEdge-Version\policy\install\oesec.reg`	The Unix Registry file or Windows Registry Key that contains information about the OpenEdge installation, including details about the `<DLC>` path, which assists in its validation. Only the system administrator and OpenEdge administrator roles have access to the operations necessary to manage this file.