|
Launch session (SSO)
|
- Launch RDP, SSH, etc. from Hitachi ID Privileged Access Manager web UI.
- Plug-ins for additional programs/protocols.
|
- Password not disclosed at all.
- User is connected directly without further proxy.
|
|
Temporary ACL change
|
- Place user's AD account in a local security group (Windows).
- Place user's public SSH key in .ssh/authorized_keys file (Unix).
- Manipulate /etc/sudoers files (Unix).
|
- No password involved.
- Native logging references the user's own account.
|
|
Copy
|
- Place password in user's OS copy buffer.
- Clear buffer after N seconds.
|
- Allows user to paste the password into an e-mail, text, file, etc.
- Password not directly disclosed.
|
|
Display
|
- Reveal the cleartext value of password on screen.
- Clear display after N seconds.
|
- Appropriate for managing off-line, console login devices.
|
