fr

Create an AnyIdentity PAM Provider

Index

To create an AnyIdentity PAM Provider, you first need to create a provider template or import an existing one.

Create an AnyIdentity Template

  1. In Devolutions Server, go to Administration – Privileged Access – Providers.
  2. Click on the AnyIdentity Templates button.

Administration – Privileged Access – Providers – AnyIdentity Templates
Administration – Privileged Access – Providers – AnyIdentity Templates

  1. Click Add to create a new template.

Add a New AnyIdentity Template
Add a New AnyIdentity Template

  1. In the General section, provide a Name (mandatory) and a Description (optional) for your new template. It is also possible to change the displayed icon.
  2. Three actions can be enabled, each with their own script. Check the boxes next to the ones that you want to implement.
    • Password rotation, to reset account passwords.
    • Heartbeat, to synchronize accounts.
    • Account discovery, for scanning.

General Settings
General Settings

  1. In the Provider Properties and Account Properties sections, set the fields that the providers and accounts will implement. Add properties by clicking on the Add property button. For each property, provide a Name and a Type. Below is a list of the different types:
    • Boolean
    • Description (string)
    • Int
    • Password (string)
    • Sensitive Data (SecureString)
    • String
    • Unique Identifier (string)
    • Username (string)

Provider and Account Properties
Provider and Account Properties

  1. Check the Mandatory box next to a property if the fields are required for creation/editing.
  2. For each action that was enabled in the General section, go to the corresponding section in the left menu.
  3. Map the properties of the provider/account that the script needs to work by providing the following:
    • Name: Name of the variable in the script.
    • Source: If the value is provided by the provider or the account.
    • Property: The source property that will be injected into the script. If need be, you can add other script parameters.

Actions Parameters
Actions Parameters

  1. Insert the script of the action either by browsing on your computer to find it or by manually editing the Script field. You can also generate a base script to build upon.

Action Script
Action Script

  1. Test your script once it is complete, then Save your new template.

Your new AnyIdentity template has been created and can be found in the templates list. You can skip to Create an AnyIdentity Provider.

Import an AnyIdentity Template

You can access our public GitHub repository to find AnyIdentity PAM Providers made by the Devolutions team and instructions on how to use them.

  1. In Devolutions Server, go to Administration – Privileged Access – Providers.
  2. Click on the AnyIdentity Templates button.

Administration – Privileged Access – Providers – AnyIdentity Templates
Administration – Privileged Access – Providers – AnyIdentity Templates

  1. Click on the Import button.

Import an AnyIdentity Template
Import an AnyIdentity Template

  1. Upload your .json file, then click on Import.
  2. Adapt the template settings if need be, then click on Save.

Your template has now been imported and can be found in the AnyIdentity Templates list.

Create an AnyIdentity PAM Provider

Once your template has been created or imported, you are ready to create an AnyIdentity provider.

  1. Go to Administration – Privileged Access – Providers, then click Add.

Administration – Privileged Access – Providers – Add
Administration – Privileged Access – Providers – Add

  1. Go to AnyIdentity in the left menu, then select your new template in the list. Click Continue.

AnyIdentity Template Selection
AnyIdentity Template Selection

  1. In the Provider configuration page, provide a Name and a Username, as this information is mandatory. Then, if necessary, set the other options according to your needs.

Provider Configuration
Provider Configuration

  1. Click Save.

Your new AnyIdentity provider has been created and can be found in the providers list.