Skip to main content
Version: Axidian Privilege 2.10

Permissions

The section is intended to search, issue, revoke and suspend permissions.

The search allows you to display only those permissions that meet the specified criteria. There are two types of search:

  • Quick search is a search bar. You can only search by one criterion. Text input.
  • Extended search is a form with several fields. You can search by several criteria at once. Dropdown lists.

You can enter one or several words into the search bar. Words can be written in whole or in part (3 or more letters).

Example

To find a permission with the description Test permission for chief administrator you need to enter any of the words: test, permis, chief, adm.

caution

You can't enter the trailing substring of the word to the search bar. If you enter the mission (the trailing substring of the word permission), this permission will not be found.

You can search for a permission using two words, e.g. test permis, permis chief, chief adm.

caution

The words in the search query must be in the same order as in the description of the permission. If you enter the permis test, the permission will not be found, because these words follow in the opposite direction in the description of the permission.

The words in the search query must match the words that were next to each other in the reason for opening the session. You cannot enter words that have other words between them in the description. If you enter the test adm, the permission will not be found, because there are some other words between these words in the description.

You can search by one or several criteria. If you select several criteria, permissions that meet all of the listed criteria will be displayed.

Example

If you select john.smith@company.demo in the User field and Revoked in the State field, then only permissions of this user with this connection type will be displayed.

caution

Only one value can be selected in each field. You will not be able to display the permissions of the users john.smith@company.demo and james.smith@company.demo by one extended search query. You can do this using a text search for the query smith.

Permission Page

The permission page displays the following data:

  • Description — custom text
  • Organizational unit — the name of organizational unit in which the resource belongs
  • Users — Active Directory users for which permission is granted
  • Created by — Axidian Privilege administrator account who created the permission
  • Сreated at — date and time the permission was created
  • Validity period — the dates during which the permission is active
  • Access schedule — the time period during which the permission is active
  • View account credentials — permission to view the password or SSH key of the access account in the User console
  • Resource — the name of the resource on which an RDP, SSH or web session can be opened on behalf of the account specified in the permission
  • Connection type — remote connection type (RDP, SSH, custom types)
  • Connection address — DNS name or IP address of the resource
  • Account — an account that is used to open an RDP, SSH or web session on the resources specified in the permission