The section is intended to search, issue, revoke and suspend permissions.
Permission Search
Search is performed in the Permissions sectionThe search allows you to display only those permissions that meet the specified criteria. There are two types of search:
- Quick search is a search bar. You can only search by one criterion. Text input.
- Extended search is a form with several fields. You can search by several criteria at once. Dropdown lists.
Quick Search
Enter the Permission number, User name, Account, Resource name or Description in whole or in part in the search bar.
Extended Search
Click Extended search and enter one or more criteria, Permission number, Description completely or partially, select User name, Account, Resource or Organizational unit.
Select permission State:
- Valid
- Revoked
- Suspended
- Restricted/Invalid
Select Validity period
You can enter one or several words into the search bar. Words can be written in whole or in part (3 or more letters).
Example
To find a permission with the description Test permission for chief administrator you need to enter any of the words: test, permis, chief, adm.
| Note |
|---|
You can't enter the trailing substring of the word to the search bar. If you enter the mission (the trailing substring of the word permission), this permission will not be found. |
You can search for a permission using two words, e.g. test permis, permis chief, chief adm.
| Note |
|---|
The words in the search query must be in the same order as in the description of the permission. If you enter the permis test, the permission will not be found, because these words follow in the opposite direction in the description of the permission. The words in the search query must match the words that were next to each other in the reason for opening the session. You cannot enter words that have other words between them in the description. If you enter the test adm, the permission will not be found, because there are some other words between these words in the description. |
Extended Search
You can search by one or several criteria. If you select several criteria, permissions that meet all of the listed criteria will be displayed.
Example
If you select ivan.ivanov@company.demo in the User field and Revoked in the State field, then only permissions of this user with this connection type will be displayed.
| Note |
|---|
Only one value can be selected in each field. You will not be able to display the permissions of the users ivan.ivanov@company.demo and peter.ivanov@company.demo by one extended search query. You can do this using a text search for the query ivanov. |
Permission Page
| Page properties | ||
|---|---|---|
| ||
|
The permission page displays the following data:
- Description — custom text
- Organizational unit — the name of organizational unit in which the resource belongs
- Users — Active Directory users for which permission is granted
- Created by — Axidian Privilege administrator account who created the permission
- Сreated at — date and time the permission was created
- Validity period — the dates during which the permission is active
- Access schedule — the time period during which the permission is active
- View account credentials — permission to view the password or SSH key of the access account in the User console
- Resource — the name of the resource on which an RDP, SSH or web session can be opened on behalf of the account specified in the permission
- Connection type — remote connection type (RDP, SSH, custom types)
- Connection address — DNS name or IP address of the resource
- Account — an account that is used to open an RDP, SSH or web session on the resources specified in the permission
| Backtotop | ||||
|---|---|---|---|---|
|
| Divbox | ||||
|---|---|---|---|---|
| ||||
|
...