Create an AnyIdentity PAM provider

To create an AnyIdentity PAM Provider, you first need to create a provider template or import an existing one. There already exists templates for a few providers.

Create an AnyIdentity Template

1. In Devolutions Server, go to Administration – Privileged Access – Providers.
2. Click on the AnyIdentity Templates button.
   

   

3. Click Add to create a new template.
   

   

4. In General, provide a Name (mandatory) and a Description (optional) for your new template. It is also possible to change the displayed icon.
5. Three actions can be enabled, each with their own script. Check the boxes next to the ones that you want to implement.
   • Password rotation, to reset account passwords.
   • Heartbeat, to synchronize accounts.
   • Account discovery, for scanning.
     

     

6. In Provider Properties and Account Properties, set the fields that the providers and accounts will implement. Add properties by clicking on the Add property button. For each property, provide a Name and a Type. Below is a list of the different types:
   • Boolean
   • Description (string)
   • Int
   • Password (string)
   • Sensitive Data (SecureString)
   • String
   • Unique Identifier (string)
   • Username (string)
     

     

7. Check the Mandatory box next to a property if the fields are required for creation/editing.
8. For each action that was enabled in the General section, go to the corresponding section in the left menu.
9. Map the properties of the provider/account that the script needs to work by providing the following:
   • Name: Name of the variable in the script.
   • Source: If the value is provided by the provider or the account.
   • Property: The source property that will be injected into the script. If need be, you can add other script parameters.
     

     

10. Insert the script of the action by either browsing on your computer to find it or manually editing the Script field. You can also generate a base script to build upon.
    

    

11. Test your script once it is complete, then Save your new template. Your new AnyIdentity template has been created and can be found in the templates list. You can skip to Create an AnyIdentity Provider.

Import an AnyIdentity Template

1. In Devolutions Server, go to Administration – Privileged Access – Providers.
2. Click on the AnyIdentity Templates button.
   

   

3. Click on the Import button.
   

   

4. Upload your .json file, then click on Import.
5. Adapt the template settings if need be, then click on Save.

Your template has now been imported and can be found in the AnyIdentity Templates list.

Create an AnyIdentity PAM provider

Once your template has been created or imported, you are ready to create an AnyIdentity provider.

1. Go to Administration – Privileged Access – Providers, then click Add.
   

   

2. Go to AnyIdentity in the left menu, then select your new template in the list. Click Continue.
   

   

3. In the Provider configuration page, provide a Name and a Username, as this information is mandatory. Then, if necessary, set the other options according to your needs.
   

   

4. Click Save.

Your new AnyIdentity provider has been created and can be found in the providers list.