Creating a safe

Warning

Data model objects: safes, users, servers, accounts and listeners are replicated within the cluster and object instances must not be added on each node. In case the replication mechanism fails to copy objects to other nodes, contact technical support department.

  1. Select Management > Safes.
  2. Click Add.
../../_images/safes_add.png
  1. Enter object’s name.
  1. Select Blocked option to disable access to object after it’s created.
  1. Select system events, about which you want to be notified.

Note

  • Notification settings are applied only to the currently logged in Fudo PAM administrator/operator (user with a superadmin, admin or operator role). Each system administrator/operator must log in to Fudo PAM web interface and adjust their settings individually to receive notifications regarding a particular safe.
  1. Select Login reason option, to display prompt upon logging in, asking user to enter login reason.

Note

Login reason is not supported in HTTP connections.

  1. Select Require approval option to have the administrator approve each connection to servers accessed through configured safe.
  2. Assign security policies in the Policies field.
../../_images/safes_general.png
  1. From the Note access drop-down list, select user access rights to account related notes.

Note

Notes can be accessed either from the account edit form

../../_images/notes_account_form.png

accounts list

../../_images/notes_accounts_list.png

or in the User Portal.

../../_images/notes_user_portal.png
  1. Select Session time limit option and input a minutes value.
  2. Select Session inactivity limit option and input a minutes value – a session will be disconnected after the given period.
  3. In the Protocol functionality section, select allowed protocols’ features.
../../_images/safes_general_functionality.png

Note

With the Suspend option enabled, session content will not be available for viewing when the user minimizes its client application.

  1. Select Users tab to assign users allowed to access accounts assigned to this safe.
  1. Click Add.
../../_images/safes_grant_access.png
  1. Click i next to desired user to enable server access over monitored safe.
../../_images/safes_grant_access_modal.png
  1. Click i to close the modal window.
../../_images/safes_grant_access_modal_close.png

  1. Define safe access options.

    • Click . to define the timeframe when given user can access this object.
    • Click . to define daily access policy.
    ../../_images/time_access_policy.gif
    • Click . to allow user to check out and view passwords in the User Portal.
    • Click . to disable access for selected user.

  2. Select Granted users tab to assign users allowed to manage this object.

  3. Click Add.

../../_images/safes_permissions.png
  1. Click i next to desired user to enable server access over monitored safe.
../../_images/safes_permissions_modal.png
  1. Click i to close the modal window.
../../_images/safes_permissions_modal_close.png
  1. Select Accounts tab to add accounts accessible through this safe.
  2. Click Add.
../../_images/safes_accounts.png
  1. Click . to add accounts.
../../_images/safes_accounts_modal.png
  1. Click . to close the modal window.
../../_images/safes_accounts_modal_close.png
  1. Click to assign listeners to accounts.
../../_images/safes_listeners.png
  1. Click . to add listeners.
../../_images/safes_listeners_modal.png
  1. Click . to close the modal window.
../../_images/safes_listeners_modal_close.png
  1. Click Save.

Related topics: