The section contains all issued and revoked permissions.

Permission Profile

The permission profile displays the following data:

  • Description - custom text.
  • Resources - resources on which RDP, SSH or web-session can be opened on behalf of the account specified in the permission.
  • Account - account that is used to open RDP, SSH or web-session on the resources specified in the permission.
  • User - Active Directory user for which permission is granted.
  • Permission created by - Indeed PAM admin account.
  • Permission created at  - date and time permission was created.
  • Date restriction - dates between which the permit is active.
  • Time restriction - time between which the permit is active.
  • View account credentials - permission to view the password or SSH key of the access account.

Permissions search

Search is carried out in the Permissions section.

Text search

Enter in the search box in whole or in part # (Permission number), User, Account, Resource or Description.

Extended search

Click Extended search and enter one or more criteria in whole or in part # (Permission number) or Comment, select User, Account or Resource.

Select permission state:

  • Valid
  • Revoked

Create permission

Permissions give the right to open RDP, SSH or web-sessions. Permission can be issued both from the section Permissions, and form the User, Resource or Account profile.

  1. Go to the Permissions section and click Create.

  2. Select a user directory.
    To search, enter the Name, Surname, Phone number or Email in whole or in part.

  3. Select resource.
    To search, enter the resource Name or Address (DNS address / IP address) in full or in part.

    If more than one resource is selected, then only domain accounts will be used to access them. If one resource is selected, then both local accounts and domain will be used to access it.

  4. Select an account.
    To search, enter the Account Name in whole or in part. 

  5. Configure Access Schedule:
    • Start date - the start date of the permit.
    • End date - the expiration date of the permit.
    • Start time - the start time of the permit.
    • End time - the expiration time of the permit.

    Mark the required parameters and set the values for them.

    If the Access Schedule does not contain the marked parameters, then the permission will be considered unlimited and round-the-clock.

    Configure View account credentials.
    If the user for whom permission is created must have the right to view the password or SSH key of the access account on behalf of which the session will be opened, then check the option Allow user to view account credentials.

    Viewing account credentials is performed in the Self Service.

  6. If necessary, fill out the Description for permission.

  7. Review the permission details and click Create.

    If you need to change the permission settings, then you can return to any step by clicking Back.

Revoke of permission

Bulk Revoke of Permissions

  1. Go to the Permissions section and select one or more permissions.
  2. Click Revoke, confirm your actions by clicking Revoke.

Revoke of permission from its profile

  1. Go to the Permissions section and search.
  2. Open the permission profile and click Revoke.
  3. Confirm your actions by clicking Revoke.