Onboard and simultaneously sort Accounts into Attribute based Groups
You can automatically sort accounts into groups while they are being discovered and onboarded by an account discovery job. For this, you will need to create attribute based groups before the discovery job is scheduled to run. If the 'Account Management Service' is active while a discovery job is auto-onboarding accounts, the accounts will be added into the respective groups based on their attributes. This is especially helpful in terms of management when a large number of accounts are to be onboarded.
Procedure:
To create an attribute-based Account Group:
- Login to the system and select Platform Configuration from the product navigator.
- Go to System → System status → App Services →Account Management Service. Click on Start if its not already active.
- Go to Manage → Account Groups → Add account group.
- Enter the Group Name and description.
- Select Method as 'Attribute Based Group'
- Select the required attribute(type), the operator(for comparison) and provide an input with which the User should be compared.
- Click on the Active slider to activate (set to Active by default) the process.
- Click on Save.
To run an Account Discovery:
- Login to the system and select PAM from the product navigator.
- Go to Manage → Account Discovery → Add Account Discovery.
- Enter a Job Title.
- Select Asset Category from: Database/ Directory Server/ Operating system.
- Select Asset Type from the dropdown menu.
- Set Schedule type to:
a. Once: when you want the job to run only once at your specified date & time
b. Recuring : when you want the job to start running periodically - Specify whether you want to onboard accounts.
- Click on Save+Run Now to start account discovery.
Make sure that the 'Account Management Service' is active throughout the length of the Account discovery job to successfully sort accounts into respective groups.