Configuring Tasks
The privileges task automation module is segregated into the user and administration section. Using the system management interface, admin can perform different actions like adding task library with or without input tags as per requirement, modify task, can run task in such a way that you either get output of the task as a one-line (last line) output or step by step output without logging into the session. You can easily a trigger file copy, service restart or remove directory etc. function with privileged task management reducing human error in executing privileged activities. System support task automation using PowerShell, SSH or telnet protocols. Note that to run SSH task you require Operating system as Unix based and for PowerShell you require Windows server. Following are the task which falls under admin section.
This section covers:
- Adding a task library for SSH/PowerShell/Telnet using input tags
- Adding task library for SSH/PowerShell/Telnet with step by step output
- Adding task library for SSH/PowerShell/Telnet with the last line as output
- Modifying SSH/PowerShell/Telnet access-based task library
- Configuring SSH/PowerShell/Telnet task from the existing task
Adding a task library for SSH/PowerShell/Telnet using input tags
To add a task library for SSH/PowerShell using input tags and run the task, you need to perform the below-recommended steps:
- Login to PAM.
- Go to Manage → Click on Task Library → Click on + Add Task Library.
- Enter Task Name and select the Base Access Type → SSH/PowerShell/Telnet.
- Provide the command that requires input from the user to execute task say, usermod -U %Input1%(unlock user command).
- Provide the Timeout in seconds for the execution of that particular task. You can provide the Timeout up to 1000 seconds.
- Select the Log Display option as Display Last Step Output.
- Under tags, click on Input 1 checkbox and give a name to the tag say Username.
- Click on Save.
Now to configure the added task:
- Go to My Access page → Tasks → Click on +New → Click on Create as New.
- Select the Asset Category as Operating System and Select the Asset Type: Windows Server/ Unix Based.
- Select the Asset and the Account accordingly.
- Select Scope as Private.
- Enter the Name of the Task and select the task library in which input is required from the user say, Unlock User.
- Enter input value to command say, Username as pamuser.
- Click on Save.
Finally, to execute the task:
- Go to My Access → Tasks → Execute the same task by clicking on the run button.
Once the mentioned steps are executed successfully, a new task library will be added to PAM.
For Telnet, when you select the asset type its port number should be the default port of telnet i.e. 23
Adding task library for SSH/PowerShell/Telnet with step by step output
To add a task library for SSH/PowerShell to get step by step output, you need to perform the below-recommended steps:
- Login to PAM.
- Go to Manage → Click on Task Library → Click on + Add Task Library.
- Select Base Access Type as SSH/PowerShell/Telnet.
- Provide the command that needs to be configured as a task.
- Select the Log Display option as Display Last Step Output.
- Provide tags if necessary and fill in the details.
- Click on Save.
Once the mentioned steps are executed successfully, a new task library will be added to PAM.
Adding task library for SSH/PowerShell/Telnet with the last line as output
To add a task library for SSH/PowerShell to get the last line of the output, you need to perform the below-recommended steps:
- Login to PAM.
- Go to Manage → Click on Task Library → Click on + Add Task Library.
- Select Base Access Type as SSH/PowerShell/Telnet.
- Provide the command that needs to be configured as a task.
- Select the Log Display option as Display Last Step Output.
- Provide tags if necessary and fill in the details.
- Click on Save.
Once the mentioned steps are executed successfully, a new task library will be added to PAM.
Modifying SSH/PowerShell/Telnet access-based task library
To modify the SSH/PowerShell access-based task library, you need to perform the below-recommended steps:
- Login to PAM.
- Go to Manage → Click on Task Library.
- Choose the task library you wish to modify and click on its task name.
- Update the parameter you wish to modify.
- Click on the Update button.
Once the mentioned steps are executed successfully, the task library will be modified as per the admin’s requirement into PAM.
Configuring SSH/PowerShell/Telnet task from the existing task
To configure SSH/PowerShell task from the existing task, you need to perform the below-recommended steps:
- Login to PAM.
- Go to My Access page → Click on Tasks → Click on +New → Select Create as From Existing.
- Choose a task from the existing task.
- Select the Asset Category as Operating System and Asset Type: Windows Server/ Unix Based.
- Select the Asset and Account accordingly.
- Select Scope → Private/Delegated.
- Click on save.
Once the mentioned steps are executed successfully, a task from the existing task will be configured in PAM.
To run SSH task you require operating system as Unix and for PowerShell you require Windows server.
Related How-to Articles
- Configure SSH/PowerShell/Telnet task from existing task
- Configure task for SSH/PowerShell/Telnet with step by step output
- Configuring task for SSH/PowerShell/Telnet with last line as output
- Configuring Tasks to run on a Windows/Unix server (with User Input)
- Configuring Tasks to run without User Input on a Windows/Unix server
- Delegate SSH/PowerShell/Telnet based task library
- Modify SSH/PowerShell/Telnet access-based task library
- Privatize/Delegate one or more task to one or more users using task bucket
- Privatize SSH/PowerShell/Telnet based task library