Creating a safe


Data model objects: safes, users, servers, accounts and listeners are replicated within the cluster and object instances must not be added on each node. In case the replication mechanism fails to copy objects to other nodes, contact technical support department.

  1. Select Management > Safes.
  2. Click Add.
  1. Enter object’s name.
  1. Select Blocked option to disable access to object after it’s created.
  2. Select Login reason option, to display prompt upon logging in, asking user to enter login reason.
  3. Select Require approval option to have the administrator approve each connection to servers accessed through configured safe.
  4. Select Notifications option and choose notifications sent out to Wheel Fudo PAM administrator.


Session start (push) notification requires an external proxy service. For more information on proxy server configuration refer to Proxy servers configuration topic.

  1. Assign security policies in the Policies field.
  2. Add users allowed to connect to servers using accounts assigned to this safe.


Click a specific user element to define time policy and allow him to see passwords in the User Portal.

  1. In the Protocol functionality section, select allowed protocols’ features.
  2. In the Permissions section, add users (administrators, operators) allowed to manage this object.
  1. In the Accounts section, click the i icon.
  1. Select privileged account from the drop-down list and assign listeners allowed to initiate connections to hosts using selected account.
  1. Click Save.

Related topics: