Anonymous_User Absent Member.
Absent Member.
714 views

Windows Privileged Account Delegation - Cmd/App restriction


Hi,

I know that audit, session capture and replay, risk level rating and AD
authentication are Windows features via RDP relay.

However, how should I do to define specific commands that users will be
able to execute on Windows ? Because Command Control integrates through
a restricted shell on Unix/Linux but there is not an option on Windows,
right ? There are many references which mentions Windows command
execution and Remote privileged command execution. But I don´t know the
way to do it (allow/deny). What does "PUM Run" do ? Is RDP relay
mandatory ?

Please let me know if there is any document which can help me to
understand these PUM features for Windows.

Thanks in advance.


--
eannaratone
------------------------------------------------------------------------
eannaratone's Profile: http://forums.novell.com/member.php?userid=57972
View this thread: http://forums.novell.com/showthread.php?t=447790

0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: Windows Privileged Account Delegation - Cmd/App restriction


eannaratone,

As the Windows RDP feature stands today, the only thing that can be
done is to make a secure RDP session. We can not currently define
specific windows commands, only a full RPD session as the configured
user. The "PUM Run" code was disabled and not officially release as a
feature.

Sorry.

-Brett


--
deni
------------------------------------------------------------------------
deni's Profile: http://forums.novell.com/member.php?userid=7771
View this thread: http://forums.novell.com/showthread.php?t=447790

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.