How to capture sessions of local privileged accounts (i.e. local Administrator)?

  • 7021908
  • 28-Sep-2017
  • 28-Sep-2017

Environment

Privileged Account Manager

Situation

How to configure Privileged Account Manager (PAM) to audit direct sessions of the local Administrator account.
How to configure the Account Domain properly for local privileged accounts so that they can be used with Direct RDP, RDP Relay, Credential Provider, and Run as Privileged User sessions.

Resolution

Please follow the steps below to configure a Local Windows Account Domain properly in the Enterprise Credential Vault (crdvlt):

  1. Create a new Account Domain in the crdvlt:
    • Select Add Account Domain.
    • Enter the Windows Server Name as the Account Domain Name.
    • Select Type as LDAP.
    • Leave the remaining fields blank or at their default values.
    • Click Add.

  2. Add the various local privileged accounts, as needed, to the Account Domain created in Step 1:
    • Add the Administrator credentials.
    • For a SubmitUser credential:
      Note: This credential can be used to capture sessions of any local account with Direct RDP.
      • Select Add in the Account Domain's Credentials.
      • Enter SubmitUser as the Account.
      • Leave the rest of the fields blank.
      • Select Add Credential.

  3. Proceed to create the necessary Command Control rules to leverage these local privileged accounts as needed.

Additional Information

For more details, please refer to Privileged Account Management for Windows.