6.14 Privileged Access to System Tools or Processes Using PUM Run

The administrator can use PUM Run feature to provide privileged access to users for a specific process, system tools, or specific files. For example, service.msc or notepad.exe.

6.14.1 Configuring the Windows Machine for PUM Run

Creating a Privileged Account Domain

For information on creating a privileged account domain, see Section 6.12.1, Creating an Account Domain for Windows Systems.

Adding a Command

For information on adding a command, see Section 6.8.1, Adding a Command.

Modifying a Command

  1. Click Command Control on the home page of the console.

  2. Click Commands in the navigation pane.

  3. Select the command you want to modify.

  4. Click Modify Command in the task pane.

  5. In the Modify Command page, type the processes which requires privileged access.

    For example:

    • *notepad.exe*

    • *note*d.e*e*

    • *n........ex.*

    • *C:\WINDOWS\system*\notepad.exe*

  6. Click Finish.

Adding a Rule

For information on adding a rule, see Section 6.6.1, Adding a Rule.

Modifying a Rule

To modify a rule, see Section 6.6.2, Modifying a Rule.

Ensure that you modify the following option:

Run Host: Click Submit Host

Executing PUM Run

  1. Login to the system as an administrator by using any remote desktop accessing tool.

  2. Right-click the process and select PUM Run to provide privileged access to the process.

    NOTE:

    • In Windows 2008 R2, Shift+right-click the applications in the Start menu to execute PUM Run.

    • In Windows 2012, right-click the application in the folder where the application is installed to execute PUM Run.

You can also provide privileged access to specific files.

For Example: To provide privileged access to critical.txt file:

  1. Create a short-cut to Notepad.

    Notepad is the process that is used to open the critical.txt file.

  2. Right-click the short-cut to Notepad, then select Properties.

  3. In the Target field, add the file path of the critical.txt file after the file path of the process, then click OK.

    NOTE:For example, the path can be added in the following format:

    C:\WINDOWS\system32\notepad.exe "C:\critical.txt"

  4. Right-click the shortcut and select PUM Run to provide privileged access to the critical.txt file.