Skip to main content
Version: Axidian Privilege 3.0

Resources

The section is intended to work with servers, workstations and network equipment.

Search is located in the Resources section.

Enter the Resource Name or Address (DNS address/IP address) in whole or in part in the search bar.

Click Extended search and enter one or more criteria, Resource name or Address (DNS or IP) in whole or in part. Select Resource State, Service Connection, User Connection, SSH Key Fingerprint.

Resource Page

The page displays the data of the resource specified while adding it:

  • Resource name — is the computer name.
  • Description — this can be an arbitrary text.
  • DNS name — DNS name of the resource.
  • IP address — IP address of the resource.
  • Operating system — the name and version of the operating system (populated after synchronization).
  • Policy — is the set of rules applied to local accounts added to Axidian Privilege.
  • Organizational unit — organizational unit's name the resource belongs to.
  • Synchronization date — date and time of the last data synchronization.
  • Accounts synchronization date — dates and time of the last Accounts synchronization.
  • Service connection — the type of connection to the resource that will be used by the local or domain service account.
  • Template — The name of the template used for service operations (for SSH connector).
  • Service account — Account name used for Service Connection.

User Connection

Connections are displayed and configured here for opening privileged sessions.

For each resource, you can create multiple user connections if several applications are installed on the server where privileged access is required.

Permissions

All permissions where the resource is used are displayed in the Permissions tab.

The following data is displayed for every permission:

  • # — permission number.
  • Users — the Active Directory user, the permission is given to.
  • Organizational unit — organizational unit's name the specified resource belongs to.
  • Resources — resources on which an RDP, SSH, or web session can be opened on behalf of the account specified in the permission.
  • Permissions status icons — Status Tip will be displayed when you hover the mouse cursor.

Local Accounts

The added local accounts are displayed in the Local accounts tab.

The following data is displayed for every account:

  • Name — is the local account's name.
  • Location — the name of the resource or domain, where the account resides.
  • State — displays the current status of the account (Pending, Ignored, Managed, Blocked or Removed).
  • Organizational unit — organizational unit's name the specified resource belongs to.
  • Description — account description.

Resource Groups

Resource groups in which this resource consists, are displayed on the Resource groups tab.

Sessions

All active and finished sessions at the resource are available at the Sessions tab.

The following data is displayed for every session:

  • User — the Active Directory user who initiated the session.
  • Account — the account used to start RDP, SSH or web session.
  • Organizational unit — organizational unit's name the resource belongs to.
  • Resource — resource on which the session was opened.
  • Connection address — The actual address of the connection to the target resource
  • Duration — is the session duration.
  • Connection — the connection type.
  • Connected to Axidian Privilege — date and time when the session was started.
  • Finished — date and time when the session was finished.
  • State — displays the current status of the session (active or finished).

To view detailed information about the session, click on it. To display all sessions for this resource, click Show all.

Events

The resource events are displayed in the Events tab.

The following data is displayed for every event:

  • Creation time — date and time when the event was created.
  • Code — is the event code.
  • Event — is the event description.
  • Component — is the Axidian Privilege component that generated the event.
  • Initiator — is the account that initiated the event generation.

To view detailed information about the event, click on it. To display all events for this resource, click Show all.

Services

caution

This tab is displayed only if the selected resource has a service connection for Windows configured.

All added services are displayed on the Services tab.

For each service the following information is displayed:

  • Service name — the value specified when the service was created. It matches the value of the Service name field of the Services snap-in on the resource.
  • Account — the service runs on behalf of this account.
  • Description — custom text.

Also on this tab you can add a service for this resource, to do this click Add.

Setting a Policy for a Resource

  1. Open the resource profile.
  2. Click to add or change a policy.