Skip to main content
Skip table of contents

Configuring password checkout policy

Checkout policies can be configured for users to checkout the passwords for the privileged accounts associated with their entitlements from the Sectona PAM portal.

This section demonstrates the following:

Configuring a new checkout policy

  • Login to the systemand select PAM from the product navigator.

  • Navigate to Policies → Click on Checkout from the Password Policies section.

  • Click on +Add Policy.

  • Policy name: Enter a desired policy name for the new checkout policy.

  • Allow Checkout: Enabling this option allows to checkout the password with appropriate workflow approval.

  • No Approval Checkout: This option allows the users to checkout passwords for accounts in the entitlements without a workflow approval.

  • Change after check-in: This option enables the checkout policies to change the password after clicking on the check-in button on password checkout from the PAM portal.

  • Reset Password if failed: This option allows the password to be reset if checkout fails.

  • Concurrency: You can configure a concurrency for password checkout of an account.

  • Default Duration: This is the default duration for password checkout in days, hours and minutes.
  • Max Duration: You can setup max duration for password checkout in days, hours and minutes.
  • Enforce Four-Eyes Principle: The four-eyes principle means that a certain activity, i.e. a decision, transaction, etc., must be approved by at least two peopleIf checked, add a minimum of two approvers.

  • Click on the Save button to save the checkout policy configuration.

Modifying existing checkout policy

  • Login to the system and select PAM from the product navigator.

  • Navigate to  Policies → Click on Checkout policy from the Password Policies section.

  • Click on a checkout policy name which you want to modify.

  • After modifying the policy, click on the Update button to save the changes.

Viewing linked assets of the checkout policy

You can check the list of assets that have been assigned a particular checkout policy. This highlight will help you to get a consolidated view of assets with the same checkout policy. In addition to this, you will get information such as the Asset Type, Asset Category, Hostname, and IP Address of the asset.

To view the list of linked assets, follow the steps below:

  • Login to the system and select PAM from the product navigator.

  • Navigate to the Policies → Password Policies and select the checkout policy from the sidebar.
  • Select the policy on which you want permissions and click on the Account icon next to the policy name you would like to check.
  • A new page will appear in front of you with a list of assets linked with the checkout policy.
IconTitle

Account



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close