This section will help you understand the target accounts available for access and guide you to connect to them. The purpose of accessing target accounts through Sectona PAM is to ensure that you do not have to remember the passwords for the target assets and their corresponding privileged accounts. It gives you seamless single sign-on access to assets assigned to you. In addition, through the Sectona PAM access portal, you can view all the accounts whose access has been assigned to you. This will help increase your overall productivity and help you focus only on your business activity rather than focusing on remembering the passwords to the respective accounts. This chapter consists of the following:
Understanding the account interface
Expanding the fields in the asset category will display information about the target asset which is included in the following table:
The category of an asset is to be selected from the list. The list includes operating system, database, router, switch, firewall, SAN storage, SAN switch, application, tape library, directory server, and cloud apps.
The type of asset is to be selected from the list.
The hostname of the target asset.
The privileged ID assigned to the user to access the target asset.
The IP address of the target asset.
The location where the target asset resides.
The status indicates the availability of the target asset. The green symbol means that the target asset is available for access whereas the red symbol means that the target asset is unavailable for access.
Connecting to the target account
Login to Sectona PAM with your username and password.
Select the instance you wish to work on from the Instance drop-down list in the top navigation bar.
Go to Accounts. Click on thesymbol of the target asset and the corresponding target account you wish to connect to.
Click on Connect.
A drop-down list will appear with the services assigned to the asset. Select a service that you wish to connect with.
With the service selected, you will be directed to the corresponding target session.
Checking out the password
One can checkout from an account by implementing the rules of checkout policy as provided during creating the policy. Follow these steps to checkout your account.
Login to the Sectona solution and the "My Access" section will appear in front of you.
Click on Accounts.
Select the asset category and click on the icon to expand your asset category.
Now at the end of the row, you can see the "Checkout" button.
Clicking on that you will see the account password checkout list which contains asset type, hostname, IP address, account and domain information.
Again, you will be asked to checkout or cancel. As you click on the checkout if the workflow assigned is zero, it will directly checkout, else a workflow request form will appear.
Fill in the credentials of the form and select the type you want to use as the password or access type and finally click submit.
You will be checked out from your account within some time.
Working in a Unix environment
Unix environment helps us to configure the account as well as switch the account according to the client's need. One can be accessing the environment as a root user or a non-root user.
svdo su command helps to open a list of all the users that we have in our system.
su command helps to switch user.
Elevate commands help to authorize those shell commands to take in turn as super users and run in the command prompt.
If you need help, please contact your organization's Sectona PAM Administrator.