With PAM, your organization can control access to remote desktop sessions to any inventoried computersis able to secure Windows and Linux servers by vaulting the credentials needed to access those machines. These credentials can be usernames and passwords for specific computer accounts on Windows servers or SSH keys for Linux servers. If you need to access a particular machine computer to perform a task on that machine, you request a "check-out" of the vaulted credentials needed for a specific account on that machine. If approved, you initiate your remote desktop session using Privileged Session Manager (PSM). PSM that computer. When you request a check-out, your request is sent to an administrator for approval. If your request is approved, you access the machine directly from EmpowerID via Privileged Session Manager, which is an application that is embedded in your browser. When you initiate a remote desktop session, PSM opens the session in your browser using the credentials associated with an account on that machine.
...
PSM launches, you are automatically logged in to the machine and granted access to perform the tasks authorized by the credentials you checked-out. In this way, you gain access to the machine without needing to open Remote Desktop or a similar application and will never need to manually enter any credentials. This protects both yourself and your organization in that
...
those credentials can never be compromised.
To request a computer session
- From the navbar, expand Privileged Access and click Request Access.
- Click the Computers tab and then search for the computer for which you want to request access.
- Click the Connect icon for that computer and then click For Myself.
- Enter your master password and then click OK.
This opens the Request Check-Out dialog. - In the Request Check-Out dialog that appears, do the following:
- Access Begins — Select the date and time you want the access to begin.
Time Requested (Minutes) — Enter the time needed in minutes for your session.
Info The max time allowed in the above image is 2880 minutes. However, this depends on your organization's policy so what you see may
- Justification — Enter the reason for your access request.
- Click OK.
- Your request is routed for approval. Once it is approved, you will receive an email notification of the approval and can start your session.
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|