My Favorites

Close

Please to see your favorites.


How to capture sessions of local privileged accounts (i.e. local Administrator) ?

This document (7021908) is provided subject to the disclaimer at the end of this document.

Environment

Privileged Account Manager

Situation

How to configure Privileged Account Manager (PAM) to audit direct sessions of the local Administrator account.
How to configure the Account Domain properly for local privileged accounts to use with direct rdp, rdp relay, credential provider, run as privileged user sessions.

Resolution

Please follow the steps below to configure a Local Windows Account Domain properly in the Enterprise Credential Vault (crdvlt):

  1. Create a new Account Domain in the crdvlt:
    • Select Add Account Domain.
    • Enter the Windows Server Name as the Account Domain Name.
    • Select Type as LDAP.
    • Leave all the rest of the fields blank or their default value.
    • Click Add.

  2. Add the various local privileged accounts, as needed, to the Account Domain created in Step 1:
    • Add the Administrator credentials.
    • For a SubmitUser credential:
      Note: This credential can be used to capture sessions of any local accounts with Direct RDP.
      • Select Add in the Account Domain's Credentials.
      • Enter SubmitUser as the Account.
      • Leave the rest of the fields blank.
      • Select Add Credential.

  3. Proceed to create the necessary Command Control rules to leverage these local privileged accounts as needed.

Additional Information

For more details, please refer to Privileged Account Management for Windows.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7021908
  • Creation Date:28-SEP-17
  • Modified Date:28-SEP-17
    • NovellPrivileged Account Manager (Privileged User Manager)

Did this document solve your problem? Provide Feedback