Safes¶

Safe directly regulates user access to monitored servers. It specifies available protocols’ features, policies and other details concerning users and servers relations.

Adding a safe

Warning

Data model objects: safes, users, servers, accounts and listeners are replicated within the cluster and object instances must not be added on each node. In case the replication mechanism fails to copy objects to other nodes, contact technical support department.

Note

The system safe can only contain system account.
The portal safe can only contain the portal account.
Operator, admin and superadmin users always have access to the system safe.
User type users cannot have access to the system safe.

Select Management > Safes.
Click Add.

Enter object’s name.

Select Blocked option to disable access to object after it’s created.
Select Login reason option, to display prompt upon logging in, asking user to enter login reason.
Select Notifications option and choose notifications sent out to Wheel Fudo PAM administrator.

Assign security policies in the Policies field.
In the Protocol functionality section, select allowed protocols’ features.
In the Permissions section, add users allowed to manage this object.
In the Object relations section, add users allowed to connect to servers using accounts assigned to this safe.
In the Accounts field, add privileged accounts used to connect to monitored servers.
In the Listeners field, add listeners used to initiate connections with monitored hosts.

Click Save.

Editing a safe

Select Management > Safes.

Find and click desired object to open its configuration page.
Modify configuration parameters as needed.

Note

Unsaved changes are marked with an icon.

Click Save.

Deleting a safe

Warning

Deleting a safe definition will terminate all current connections to servers which use selected safe to regulate access to servers.

Select Management > Safes.
Find and select desired objects.
Click Delete.
Confirm deletion of selected objects.

Related topics: