Versions Compared

Old Version 1

changes.mady.by.user Pavel Golubnichiy

Saved on

compared with

New Version Current

changes.mady.by.user Pavel Golubnichiy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Adding a resource

To manage the resource local accounts and to provide for access to the resource to the directory users, you have to add a new resource to the Indeed PAM.

  1. Switch to Resources section and click Add.

  2. Fill in the Resource name and name, DNS name/IP Address and Description fields.

    Note
    iconfalse

    For Windows resources, you shold specify the real computer name, as it is used to start a session.

    Image Removed

    Configure User connection:
    Configuration of user connection with RDP or SSH type:
  3. Select the Connection type - RDP or SSH
    4. Specify the Address (DNS address/IP address)

    .


    Note
    iconfalse

    When specifying an IP address make sure it is static.




User connection setup

For each resource, you need to configure a custom connection that will be used to open a session on the resource.

RDP connection setup

  • Select RDP Connection type

  • Fill in Address (DNS name/IP address) to connect to the resource

    Note
    iconfalse

    If

non-standard port is used for RDP or SSH connections, then it must be specified in the Port field.If

  • you need to open a

terminal

  • session with the mstsc /admin

option

  • parameter,

check

  • enable the

box "

  • Run as administrator

"

  • option

Image Removed

  • Image Added

Configuration of user connection with web type:

  • Select the Connection type  - web.
Note
iconfalse
This connection type is missing in the list by default. The procedure of creating and configuring a new connection type is detailed in the Configurationsection.
  • Specify the web application URL and login page URL.
Image Removed
  • Configure Service connection.

    • Activate the Use connector for service connection.

    Note
    iconfalse

    If you plan to use a local account of the resource as the service one, then this setting can be skipped. You can return to it after an account for the resource is added. If an Active Directory domain is added to Indeed PAM, then you can use a domain account as service one.

    Configuration of service connection with Windows type:

  • Select Connector - Windows.
    • Specify the Address (DNS name/IP address)
    Image RemovedConfiguration of service connection with SSH type:
  • Select Connector - SSH.

    • Select the connection template.

    SSH connection setup

    • Select SSH Connection type

    • Fill in Connection address to connect to the resource
      Image Added


    User connection setup

    In Indeed PAM, RDP and SSH connections are standard. Other connection types, for example, a web session or connection to a DBMS, are configured separately for each target application. Below we will consider examples of configuring a connection to the web console Citrix NetScaler and MS SQL Managemet Studio. After Indeed PAM installation, these types of connections will not be in the list of connections. To create a new connection type, you need to contact Indeed technical support.

    Web session setup

    • Select Citrix NetScaler Connection type
    • Fill in URL of web application

    • Fill in Sign-in page URL of web application (if different)
      Image Added

      Note
      iconfalse

      If the Sign-in page URL may not match the specified value after accessing it, then enable the Regular expression option, the option allows you to specify an expression that will match any address value.


    DBMS connection setup

    Note
    iconfalse
    There are no templates for SSH service connection by default. The procedure of creating and configuring a new connection type is detailed in Configurationsection.

    Specify the Address (DNS name/IP address)

    Note
    iconfalse

    If non-standard port is used for SSH connections, then it must be specified in the Port field.

    Image RemovedConfiguration of service connection with the Microsoft SQL Server database type:
  • Select Connector - Microsoft SQL Server

    • Specify the Address (DNS name/IP address)

    Note
    iconfalse

    If Microsoft SQL Server is in a domain, you can use both domain and integrated accounts as a service account.
    If Microsoft SQL Server is located outside the domain, only integrated SQL Server accounts can be used as a service host.

    Image Removed

    Warning
    iconfalse

    Only integrated SQL Server accounts are synchronized.

    Configuration of service connection with the Oracle database type:
  • Select Connector - Oracle Database

    • Specify the Address (DNS name/IP address)

    Note
    iconfalse

    To use the Resource Connection service account, you must be able to log in with the SYSDBA privilege, and to verify the password of other accounts, you need the CONNECT privilege. Use the following commands to apply privileges:

    Code Block
    languagesql
    GRANT CONNECT TO username;
GRANT SYSDBA TO username;

    Image Removed

    Configuration of service connection with the PostgreSQL Pro database type:
  • Select Connector - PostgreSQL
    • Specify the
    • Select Connection type
    • Fill in
    • Address (DNS name/IP address)
  • Specify the Port
    • Configuration of service connection with the MySQL database type:
  • Select Connector - MySQL

  • Specify the Address (DNS name/IP address)

    •  of MS SQL Server instance 
      Image Added

    Service connection setup

    This article will not consider setting up

    Specify the Port

    Note
    iconfalse
    After creating

    a service connection,

    the host name must be entered in the properties of the MySQL service account.
  • Select the service account. To find the account enter Account name completely or partially.
    • Select the account policy.
    Image Removed

  • Look through the resource parameters again and click Create.

    Note
    iconfalse

    If you need to modify the resource parameters, simply click Back to return to the required step.

    Image Removed

    • a detailed description of the configuration process is available in the article Setting up a service connection for resources.

    • Disable the Use connector for service connection option

    Choosing an account policy

    • Select an account policy
    • Finish adding the resource

    Search for resources

    Search is performed in the Resources section.

    Textual search

    To find the resource, enter Resource name or Address (DNS address/IP address) to the search string completely or partially.

    Extended search

    Click Advanced search and enter one or several criteria - Resource name or Address - to the search string completely or partially.
    Select the resource status:

    • Blocked

    • Removed

    • Ready

    Check of connection to resource

    The connection check allows to determine whether the resource is available in the network, as well as whether the address, account name and password are correct.

    Bulk connection check

    Mark one or several resources in the Resources section and click Check connection.

    Connection check from the resource profile

    1. Switch to the Resources section and find the required resource.
    2. Open the resource profile and click Check connection.

    Resource editing

    To change the Resource name, Description, Policy, User or Service connection, please proceed as follows:

  • Switch to the Resources section and find the required resource.
    • Open the resource profile and click Image Removed to the right of the required parameter.

    Backtotop
    Delay0
    Distance250


    Divbox
    classrightFloat

    Table of Contents
    printablefalse