Highlighted
Trusted Contributor.
Trusted Contributor.
151 views

Additional session request PAM Users | IDM | RestAPI

 

Hello All,.

Use case:-  PAM Users When Required any additional session (any specific server ) with normal or Super privileges they should able to request for this by using IDM workflow.

We are creating a workflow using the rest API for PAM users.

 

PAM command control User session prerequisite required for the session :-

 

  • Command (RDP or ssh rule)     
  • 2 groups
  1. The user group  (user name whom the policy will assign)
  2. Session group (what are the user privileges session will show to the user)
  •   Host group ( Host IP address )

 

Issue what we facing:-

Whenever users required additional session we need to modify 2 things.

  • Session Group (Additional User name )
  • Host group (additional servers Ip address)

With the help of Rest API when we trying to modify the group details is overwatering.

Old details are deleting.

 

Ex. Before API request group details       IDM/l1admin

                                                                        IDM/l2admin

    Sending new data                                    IDM/l3admin

           After api request group                  IDM/l3admin

 

Same issue we are facing host group also.

Kindly provide a solution if any way to achieve this use case.

0 Likes
2 Replies
Highlighted
Trusted Contributor.
Trusted Contributor.

Yes because for this use case  We are using IDM Workflow and PAM so.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.