I've been going through the JSON API, but could not find a way to manipulate the Privileged Accounts. How can I do that? What I want to achieve: - Users log in to the RDP Relay - Users get a list of Hosts they can log in to, for example: user001@pum-clnt-windows - User selects the host and is automatically logged in as user001 on host pum-clnt-windows - Once the user is logged in to the pum-clnt-windows he/she can use PUM Run to run commands as super-user.
That's fairly straightforward, but password policy kicks in and has the password changed. How do I get the new password into the Privileged Accounts? There's already a functioning mechanism to update the password of framework users, but those are independent of Privileged Accounts, right?
I have now managed to do a MITM attack on the Flash interface and by analyzing what that does I figured out how to access the privileged credential vault. It would be very nice if this could be documented in the official docs, though...