Versions Compared

Old Version 12

changes.mady.by.user Pavel Golubnichiy

Saved on

compared with

New Version Current

changes.mady.by.user Pavel Golubnichiy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Permissions allow to start RDP, SSH or web sessions. A permission can be issued both from account profile and from the Permissions section.

  1. Перейдите в раздел Учётные записи и выполните поиск.

  2. Откройте профиль учётной записи и нажмите Добавить разрешение.

  3. Выполните поиск пользователя каталога, для которого будет выдано разрешение.

  4. Switch to the Accounts section and search for required account.
  5. Open the Account profile and click Add permission.
  6. Search for the directory user for which permission will be granted
    To do so, enter Name, Last name, Phone number or Email to the search string completely or partially.

  7. Select one or several resources to allow access to.
    To find account enter Resource name or Address (DNS name/IP address) completely or partially.

    Note
    iconfalse

    If the permission is created from local account profile, the resource selection step is skipped, since a local account can reside at one resource only. If the permission is created from domain account profile, then all the resources added to Indeed PAM are available for selection.

  8. Configure the Active time and Access schedule:

  9. Start date - the date when permission becomes active

  10. End date - the date when permission becomes inactive

  11. Start time - the time when the permission becomes active

    12. End time - the time when permission becomes inactive

    • Begin - year, month, day and time the permit began

    • End - year, month, day, and time the permit expires
      You can use the calendar by clicking the appropriate button


    Mark the required parameters and set their values.

    Image AddedImage Added

    Note
    iconfalse

    If the Active time does not contain the marked parameters, then the resolution will be considered unlimited. 
    If the Access schedule does not contain the marked parameters, then the permission will be considered unlimited and round-the-clock.

    Configure View account credentials.
    If the user has to have the right to view the password of the account, then activate the Allow user to view account credentials option.
    Image Removed

    valid around the clock. If the Access schedule is outside the scope of the Active time, then priority is given to the Active time.


  12. If required, fill in the Description for the permission:
    Image RemovedImage Added

  13. Look through the permission parameters again and click Create.

    Note
    iconfalse

    If you need to modify the permission parameters, simply click Back to return to the required step.


Backtotop
Delay0
Distance250