Versions Compared

Old Version 2

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

With PAM, your organization is able to secure Windows and Linux servers by vaulting the credentials needed to access those machines. These credentials can be usernames and passwords for specific computer accounts on Windows servers or SSH keys for Linux servers. If you need to access a particular computer to perform a task on that machine, you request a "check-out" of the credentials needed for that computer.  When you request a check-out, your request is sent to an administrator for approval. If your request is approved, you access the machine directly from EmpowerID via Privileged Session Manager, which is an application that is embedded in your browser. When PSM launches, you are automatically logged in to the machine and granted access to perform the tasks authorized by the credentials you checked - out. In this way, you gain access to the machine without needing to open Remote Desktop or a similar application and will never need to manually enter any credentials. This protects both yourself and your organization in that those credentials can never be compromised. 

Request a computer session

  1. On the navbar, expand Privileged Access and click Request Access.

    Image Added

  2. Click

    Select the Computers tab and

    then search

    click Show All.

    Image Added

  3. Search for the computer

    for

    to which you want to request access.


    Image Removed

  4. Click the Connect icon for that computer and then click For Myself.

    Image Removed
    Enter Image Added

  5. If prompted, enter your master password and then click OK.


    Image Removed

    This opens the Request Check-Out dialog.
    Image Removed

  6. In the Request Check-Out dialog that appears, do the following:

    1. Access Begins

       —

       – Select the date and time you want the access to begin.

    2. Time Requested (Minutes)

       —

       – Enter the time needed in minutes for your session. The max time allowed in the above image is 2880 minutes. However, this depends on your organization's policy so what you see may.

    3. Justification 

      Justification – Enter the reason for your access request.

    4. Click OK.

      Image RemovedImage Added

  7. Your request is routed for approval. Once it is approved, you will receive

    an

    email notification of the approval and can start your session.

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

Page Properties
hiddentrue

Request a computer session

  1. Navigate to the IT Shop portal for your organization.

  2. In the IT Shop, click the Resource Type dropdown and select Computers.

    Image Added

  3. Apply any desired filters to the limit the computers appearing in the grid to you. In the below image, we expanded the Advanced Search filter and entered the friendly name of the computer in the Friendly Name field.

    Image Added

  4. Click the Request Access button.

    Image Added


    This opens the Request Card for the computer. You enter the specifics of your request here and add it to your shopping cart.

    Image Added

  5. In the Overview section of the Request Card, enter the following information:

    • Select Request Type – Login Session Access

    • Select Access Type – One Time Access

    • Select Duration – Enter the following:

      • Start Date – Date you want your access to start

      • Start Time – Time you want your access to start on the above start date

      • End Date – Date you want your access to start

      • End Time – Time you want your access to end on the selected end date

        Image Added

  6. Select Credential Type – Select the appropriate type

    • Shared Credentials – Select this option if you are using credentials that are vaulted for the computer in EmpowerID

    • Personal Credentials – Select this option if you are using your personal credentials to access the computer

  7. Click Add to Cart.

    Image Added

  8. Click the Cart icon to open your shopping cart.

  9. Enter a name for you request in the Enter Business Request Name field. This allows you and people who can approve your request know what the request is about. For example, when requesting a login session for a computer, the Business Request Name could be “<Your Name> Login Session for <Computer Name>.”

    Image Added

  10. When ready, click Submit to submit your request.

  11. Once successfully submitted, a window appears stating that the cart was successfully submitted with a link to track the status of the request.

    Image Added


    Clicking the link directs your browser to the My Requests page of the My Tasks application with the Overview card for the request open. The card allows you to view details about your request and the number of approvals needed for it to be granted.

    Image Added