Page History

Для открытия To start RDP, SSH или web-сессий от имени локальных учётных записей ресурса, а также для управления ими необходимо добавить их в базу Indeed PAM. Добавление может быть выполнено двумя способами.

Ручное добавление УЗ

Image Removed

Не задавать

Задать пароль вручную

Image Removed

or web sessions under resource local accounts, as well as to manage those, it is necessary to add them to Indeed PAM database. This can be done in two ways.

Adding an account manually

1. Switch to the Resources section and find the required resource.
2. Open the resource profile and click Add account.
3. Fill in the Account name and Description fields.
   
   Image Added
4. Select one of the password setting options:

   • Not set

     Note
     icon false
     This option is only available if user or service SSH connection is used, as this connection type allows for account storage with SSH key only. If Not set option is selected, then you should set a SSH key for the account.

     
     

   • Generate random password

   • Set password manually
     

     Note
     icon false
     Options Generate random password or Set password manually + Change password on resource can only be used with service connection. If Set password manually option is selected, and Change password on resource is not, then the account SSH key is changed in the Indeed PAM only.

     
     

   Image Added
5. Select one of the SSH key setting options:
   • Generate new SSH key

   • Set SSH key manually

     Note
     icon false
     Options Generate new SSH key or Set SSH key manually + Change SSH key for resource can only be used with service connection. If Set SSH key manually option is selected, and Change SSH key for resource is not, then the account SSH key is changed in the Indeed PAM only.

     
     

   Image Added

6. Select the session policy.
   Image Added

7. Look through the account parameters again and click Save.

   Note
   icon false
   If you need to modify the account parameters, simply click Back to return to the required step.

   Image Added

The account is then displayed in the Resource local accounts tab. You can now use it to set permissions.

Account synchronization

1. Switch to the Resources section and search for the required resource.
2. Open the resource profile and click Sync accounts.

3. Confirm the action by clicking Synchronize.
   In this case, two tasks will be independently performed:

   • Data synchronization – the name of the operating system, its version and resource name are updated;

   • Accounts synchronization – data on accounts, their groups in the PAM database is compared with the actual data on the resource and their update is performed

Задать SSH ключ вручную

Image Removed

Учётная запись отобразится на вкладке Локальные учётные записи ресурса и может быть использована для создания разрешения.

Синхронизация учётных записей

1. Перейдите в раздел Ресурсы и выполните поиск.
2. Откройте профиль ресурса и нажмите Синхронизировать учётные записи.
3. Подтвердите свои действия нажав Синхронизировать

   • .
     Image Modified

     Note
     icon false

   Опция Синхронизировать учётные записи может быть использована только при наличии сервисного подключения.

Image Removed

1. • The Synchronization option can only be used with service connection.

     
     

The found accounts are then displayed in the Resource local accounts tab with Pending status (Image Added). To continue working with accounts, you need to change their status. Changing the status of accounts is described in the section Account states management.