Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

With PAM, your organization is able to secure Windows and Linux servers by vaulting the credentials needed to access those machines. These credentials can be usernames and passwords for specific computer accounts on Windows servers or SSH keys for Linux servers. If you need to access a particular computer to perform a task on that machine, you request a "check-out" of the credentials needed for that computer.  When you request a check-out, your request is sent to an administrator for approval. If your request is approved, you access the machine directly from EmpowerID via Privileged Session Manager, which is an application that is embedded in your browser. When PSM launches, you are automatically logged in to the machine and granted access to perform the tasks authorized by the credentials you checked out. In this way, you gain access to the machine without needing to open Remote Desktop or a similar application and will never need to manually enter any credentials . This protects both yourself and your organization in that those credentials can never be compromised. manually.

Request a computer session

  1. On the navbar, expand Privileged Access and click Request Access.

    Image Removed

  2. Select the Computers tab and click Show All.

    Image Removed

  3. Search for the computer to which you want to request access.

  4. Click the Connect icon for that computer and then click For Myself.

    Image Removed

  5. If prompted, enter your master password and then click OK.

  6. In the Request Check-Out dialog that appears, do the following:

    1. Access Begins – Select the date and time you want the access to begin.

    2. Time Requested (Minutes) – Enter the time needed in minutes for your session. The max time allowed in the above image is 2880 minutes. However, this depends on your organization's policy so what you see may.

    3. Justification – Enter the reason for your access request.

    4. Click OK.

      Image Removed

  7. Your request is routed for approval. Once it is approved, you will receive email notification of the approval and can start your session.

...

hiddentrue

Request a computer session

...

Navigate to the IT Shop portal for your organization.

...

In the IT Shop, click the Resource Type dropdown and select Computers.

...

...

Apply any desired filters to the limit the computers appearing in the grid to you. In the below image, we expanded the Advanced Search filter and entered the friendly name of the computer in the Friendly Name field.

...

Click the Request Access button.

...

...

In the Overview section of the Request Card, enter the following information:

  • Select Request Type – Login Session Access

  • Select Access Type – One Time Access

  • Select Duration – Enter the following:

    • Start Date – Date you want your access to start

    • Start Time – Time you want your access to start on the above start date

    • End Date – Date you want your access to start

    • End Time – Time you want your access to end on the selected end date

      Image Removed

...

Select Credential Type – Select the appropriate type

  • Shared Credentials – Select this option if you are using credentials that are vaulted for the computer in EmpowerID

  • Personal Credentials – Select this option if you are using your personal credentials to access the computer

...

Click Add to Cart.

...

...

Click the Cart icon to open your shopping cart.

...

Enter a name for you request in the Enter Business Request Name field. This allows you and people who can approve your request know what the request is about. For example, when requesting a login session for a computer, the Business Request Name could be “<Your Name> Login Session for <Computer Name>.”

...

...

When ready, click Submit to submit your request.

Once successfully submitted, a window appears stating that the cart was successfully submitted with a link to track the status of the request.

...

  1. Log in to Resource Admin.

  2. Select Computers from the Resource Type dropdown and search for the desired computer.

  3. Click Request Access for the computer.

    Image Added


    This opens the request card for the computer.

    Image Added

     

  4. Under the Select Access Type section, choose One Time Access if your usage of the computer is occasional, or opt for Pre-Approved if you require frequent access to the computer.

  5. If you chose One Time Access, follow the below procedures; otherwise, go to step 6.

    1. Under the Select Request Type section, opt for Membership-Based Access if you require access with elevated privileges, or select Login Session Access to access the computer using the credentials provided to you.

    2. If you selected Membership-Based Access, select the appropriate permission level.

      Image Added

    3. If you selected Login Session Access, select the credential type.

      Image Added

    4. Under Select Duration, adjust the Start Date, Start Time, End Date, and End Time as needed.

      Image Added

  6. Click Add to Cart.

  7. Click the Cart at the top of the page to open it.

    Image Added

  8. Add a comment as needed and enter a Business Request Name. The text entered here helps identify the purpose of the request to potential approvers.

    Image Added

  9. Click Submit.
    You should see a message saying the cart was successfully submitted with a tracking link.

    Image Added

  10. To view the status, click the tracking link.
    Doing so opens the request in My Tasks.

    Image Added

    Insert excerpt
    IL:External Stylesheet
    IL:External Stylesheet
    nopaneltrue