Skip to main content
Skip table of contents

Managing Account Operations

This section provides insights for managing daily or ongoing operations related to privileged accounts

Viewing account inventory

Viewing accounts inventory from the account management interface.

  • Login to the system and select EPM from the product navigator.

  • Navigate to Manage → Click on Manage Accounts from the All Accounts section.

  • List of all the accounts will be displayed.

Update account attributes

  • Login to the system and select EPM from the product navigator.

  • Navigate to Manage → Click on Accounts from Asset Management section.

  • Click on the Edit button next to the Account on which you desire to change the attributes.

  • You can change the details and click on the Update button to update the changed details in the system.

Update account attributes in bulk

Sectona PAM platform provides you an option to update multiple accounts in the system manually using the bulk update option. Follow the below steps to bulk update accounts in the system:

  • Login to the system and select EPM from the product navigator.

  • Navigate to Manage → Asset Management section select Accounts.

  • Click on Bulk Accounts and select the Update option.

  • On the next page → Select the desired Account Category → Interactive Account / Service Account.

  • Select an Authentication type for your account like Password or Key Based or Key Based + Secret Key.

  • Tags (optional): Add relevant tags to this user. Refer to the section on Tags for more information about adding context with tags.

  • Enforce Password Change enable for including the accounts for schedule-based password change job.

  • Click on the Status bar to keep the accounts active in the system.

  • Download the Import format by clicking on the Download format button.

Follow the below steps to fill-up the Import format sheet and upload data in the system:

  • Open the downloaded Import format.

  • Enter the Asset Type like Windows server or Unix Based.

  • Enter Host-name/IP specify any one of them.

  • Enter DB Instance (optional) this is required only if the account is being on-boarded for a Database asset.

  • Enter Account Name followed by Password.

  • Enter Access Key and Secret Access Key (only applicable if the account authentication type is selected as Key Based + Secret Key).

  • Select all the columns and copy from the sheet.

  • On the PAM web console click on the Next button → Paste the copied text → Click on Next the button review the list of accounts and click the Finish button to onboard the list of accounts in the system.

Configuring account dependencies

Some services in Windows environment might depend on the account configured to handle them. There might be a case when we need to change the password of the corresponding account, we need to either replace an old password in the file, execute a command or a script. Some actions need/can be performed before changing the password of the account, on successful password change and on password change failure.

Procedure to configure account dependency:

  • Navigate to EPM → Manage → Go to Asset Management from the sidebar.

  • Click on Accounts to access the Accounts window.

  • Click on action icon of the account and then click on Dependencies tab.

  • The account dependencies window will be displayed.

Parameter

Description

Type

The type of action you need to perform. The specific action can be Update password in account, Execute command, Replace old password in file, Execute Script, Windows services, Schedule task, IIS pool 

Asset

You can select the asset on which you wish to perform the type of action

Account

You can select the account on which the type of action can be performed

File Path

The path of the file required to replace an old password or execute a script

Parameter

The parameter that will be effected

Command

The command needed to be executed

Options

This displays options such as Start, Stop, Restart and Update password  which can be used for services, scheduled task, and IIS pool

Active

Represents the current status of account dependency 

View session initiated by account

To audit any configuration changes by administrators of the system you can track by clicking on the Action icon corresponding to the account and then choose Session Activity.

Parameter

Description

ID

The unique session ID

Username

The entity who accessed the session

Asset Type

The type of asset 

Hostname

The hostname of the asset

IP address

The IP address of the asset

Account

The account that was accessed

Login Time

The login time of the account

Duration

The total duration the account was accessed

Activity

Displays the activity graph of the corresponding session

Changing an account password

Method 1:

Follow any one of the methods to change the user account password.

  • Login to system and select PAM from the product navigator.
  • Navigate to the "Manage" and click on the Asset Management from the sidebar → Asset.
  • Click on the 'Account' button of that Account linked with the asset whose password you would like to change.
  • The listed accounts linked with that asset will be displayed.
  • Now, click on the edit button of the existing account to change its password.
  • Enter the new password in the defined field and click on Update.

Method 2:

  • Login to system and select PAM from the product navigator.
  • Navigate to the "Manage" and click on the Asset Management from the sidebar → Account.
  • Click on the 'edit' button of that Account whose password you would like to change.
  • Enter the new password in the defined field and click on Update.

View password change history


Processed On

Initiated By

Status

22 Nov 2018 17:14

John

Success

In the above table, a user 'John' initiated a password change process which was successful on timestamp '22 Nov 2018 17:14'. By clicking on the timestamp in 'Processed On' field the following table will be displayed:

Log

Timestamp

Password/Key updated by user

22 Nov 2018 17:14:14.363

In the above table, the user named 'john' updated a password/Key on timestamp '22 Nov 2018 17:14:14.363'.

Viewing account activity

To view the account activity done by users and administrators, you can track by clicking on the Action button corresponding to the account and choosing the View Account Activity option from the drop-down list. It will display a roadmap of account activities on the screen.

Account activity option shows the following details in a timeline chart

  • Account created
  • Account Modified
  • Password Checkout
  • Password Changed/Reset
  • Session Taken




JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.