Safes¶
directly regulates user access to monitored servers. It specifies available protocols’ features, policies and other details concerning users and servers relations.
Adding a safe
Warning
Data model objects: safes, users, servers, accounts and listeners are replicated within the cluster and object instances must not be added on each node. In case the replication mechanism fails to copy objects to other nodes, contact technical support department.
Note
- The
system
safe can only containsystem
account. - The
portal
safe can only contain theportal
account. Operator
,admin
andsuperadmin
users always have access to thesystem
safe.User
type users cannot have access to thesystem
safe.
- Select > .
- Click .
- Enter object’s name.
- Select Blocked option to disable access to object after it’s created.
- Select Login reason option, to display prompt upon logging in, asking user to enter login reason.
- Select Notifications option and choose notifications sent out to Wheel Fudo PAM administrator.
- Assign security policies in the Policies field.
- In the Protocol functionality section, select allowed protocols’ features.
- In the Permissions section, add users allowed to manage this object.
- In the Object relations section, add users allowed to connect to servers using accounts assigned to this safe.
- In the Accounts field, add privileged accounts used to connect to monitored servers.
- In the Listeners field, add listeners used to initiate connections with monitored hosts.
- Click .
Editing a safe
- Select > .
- Find and click desired object to open its configuration page.
- Modify configuration parameters as needed.
Note
Unsaved changes are marked with an icon.
- Click .
Deleting a safe
Warning
Deleting a safe definition will terminate all current connections to servers which use selected safe to regulate access to servers.
- Select > .
- Find and select desired objects.
- Click .
- Confirm deletion of selected objects.
Related topics: