Versions Compared

Old Version 1

changes.mady.by.user Pavel Golubnichiy

Saved on

compared with

New Version Current

changes.mady.by.user Unknown User (anastasia.antonenko)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The section is intended allows to work with manage local and domain accounts.

Adding an account

To add an account to PAM, please follow these steps:

  1. Go to the Accounts section and click Add.
  2. Select the location of the account (resource or domain).
  3. Enter an account name (required) and description (optional).
  4. Set a password. Maximum password length is 4096 characters.
Account search
  1. Check the entered data and save the account.

Account Search

The search is performed in the Accounts section.

Quick

search

Search

Enter Account name in whole or in part in the search bar.

Extended

search

Search

Click Extended search and enter one or more criteria, Account name in whole or in part.
Select account state:

  • Pending
  • Ignored
  • Managed
  • Blocked
  • Removed

Select account location:

  1. Local account
    To search, enter the Resource name or DNS name/IP address in whole or in part.
  2. Domain account
    To search, enter NetBIOS name or DNS name in whole or in part.

Account

page

Page

Page properties
hiddentrue

Image Modified

The profile displays the data specified while adding the account:

  • Name - is  is the account name

  • Location - the  the name of the resource or domain, where the account resides

  • Description - this  this can be an arbitrary text

  • Policy - is  is the set of rules applied to sessions started with the account

  • Password (or a Key) checking date - is  is date and time when the account password or SSH key was last checked

  • Synchronization date -  date and time of the last data synchronization

  • Date added - is the date and time when the account was added to Indeed PAMAxidian Privilege

  • Last change - is  is the date and time when the account was last edited

  • Last password change date - is the date and time when the account password was last changed in Indeed PAM Axidian Privilege database

  • Last password change date on resource/domain  is the date and time when the account password was last changed at the Indeed PAM Axidian Privilege database and at the resource

  • Last SSH key change date - the date and time of the SSH key change in the Indeed PAM Axidian Privilege database
  • Last SSH key change date on resource - the date and time of the SSH key change in the Indeed PAM Axidian Privilege database and on the resource

Permissions

All permissions where the account is used are displayed in the Permissions tab. The following data is displayed for every permission:

  • # - permission number.
  • User - the  the Active Directory user, the permission is given to
  • Organizational unit- OU — OU's name that the resource belongs to
  • Resources - the Resources — the resources that RDP, SSH or web session can be started with the account specified in the permission

Sessions

All active and finished sessions for the account are available at the Sessions tab. The following data is displayed for every session:

  • User - the Active Directory user who initiated the session
  • Account - the account used to start RDP, SSH or web session
  • Organizational unit- OU — OU's name that the resource belongs to
  • Resource - the  the resource that RDP, SSH or web session is started at under the account
  • Connection address- the — the actual address used when opening the session
  • Duration - is — is the session duration
  • Connection- remote — remote connection type (RDP, SSH, user types)
  • Connected to PAM - date Axidian Privilege — date and time when the session was started
  • Finished - date Finished — date and time when the session was finished
  • State - this  this displays the current status of the session (active or finished)

To view detailed information about the session, click on it. To display all sessions for a given account, click Show all.

Events

The account events are displayed in the Events tab. The following data is displayed for every event:

  • Creation time - date and time when the event was created
  • Code - is the event code
  • Event - is  is the event description
  • Component - is the Indeed PAM Axidian Privilege component that generated the event. Initiator is the account that initiated the event generation
  • Initiator - the  the account that initiated the generation of the event

To view detailed information about the event, click on it. To display all events for a given account, click the Show all.

Security

groups

Groups

The Security groups tab displays a list of groups to which the account has been added. 

Note
iconfalse

Built-in security groups are not displayed for domain accounts.

Setting a Policy for an Account

  1. Open the account's profile.
  2. Click Image Added to add or change a policy.

Backtotop
Delay0
Distance250


Divbox
classrightFloat

Table of Contents
printablefalse