To provide normal access to a Linux machine through ServiceNow request, configure the following:
Click Command Control > Rules > Add Policy Template and import the following Policy Templates:
ServiceNow Request Access: This is used to provide elevated access.
ServiceNow Update Incident: This is used to allow user to add comments to the ServiceNow incident.
ServiceNow Close Incident: This is used to resolve the ServiceNow incident.
For more information about using the policy template, see Adding a Policy Template.
Edit the ServiceNow application configuration in the new Administration Console:
Click Vault > Application > Applications.
Select the edit icon next to the newly added resource ServiceNow_Credentials.
Specify the HostName and Port of ServiceNow.
Click edit icon next to the appropriate credentials.
Specify the User Name and Password of ServiceNow
Edit ServiceNow rules, RL-SERVICENOW-PRIV-ACCESS, RL-SERVICENOW-UPDATE, and RL-SERVICENOW-CLOSE as follows:
Click Rules and select the required rule.
Click Script Arguments in the last pane and modify the following:
Account: This is the credential that is used to access ServiceNow. This value must be the user name mentioned in Step 2e.
Vault: The resource which contains the ServiceNow connection details such as, IP address, and port number. This must be the name of the resource configured in Step 2b.
Strict_Check: If this option is set to false, any user is granted access and the session is monitored by PAM.
If you set this to true, the access to the machine is granted only when the following conditions are satisfied:
The user must be configured in ServiceNow.
The ServiceNow incident must be assigned to the user who has created the request.
The machine to which the access is provided must be configured in ServiceNow.
The ServiceNow incident must be in the active state.
Click Finish.
Deselect Disable to enable the rule and click Apply.