The Checkout policy section allows administrators to create and edit separate policies for Privileged Access Management (PAM) checkout. Checkout policies can then be applied to specific entries and folders (right-click, then Properties – Privileged access management (PAM) – Checkout policies), or configured to be applied by default to everything.
| SETTINGS | DESCRIPTIONS |
|---|---|
| Name | Set a name for the checkout policy. |
| Set a default | Apply the checkout policy to every PAM entry/folder by default. |
| Checkout mode | Enable or disable checkouts altogether. |
| Approval mode | Define which requests require approval, if any. |
| Users can approve their own checkout requests | Choose whether users can approve their own requests, and under which condition. |
| Include admins as approver | Include all administrators in the list of approvers when checking out an entry. |
| Include PAM administrators when listing approvers | Include all PAM administrators in the list of approvers when checking out an entry. |
| Reason mode | Choose under which conditions users need to give a reason for checking out an entry. |
| Checkout time (minutes) | Set a default checkout time. |
| Max checkout time (minutes) | Set a maximum checkout time, after which no time extensions are allowed. |
| Ticket number mode | Determine under which conditions the Ticket # field is required to be filled, if at all, when checking out an entry. |
| Terminate sessions on check in | Force session close on checkin. |
Partagez vos commentaires