Create an PAM provider from a template by following the steps below.
To create the provider, first navigate to Administration – Privileged access in Devolutions Server and select Providers.
Click on the + sign to add a provider.
Select Anyidentity and then choose your template. An existing provider template named Windows Local Accounts is displayed here.
Define a name and provide values for all of the provider properties.
providers are designed for connecting to a single identity provider endpoint. It is generally recommended to create one provider per identity provider.
After providing values for all of the provider properties, there is an option to add a PAM vault for the provider or to add a scan configuration. By default, Add PAM vault is selected. See Scan configuration to learn about adding a scan configuration.
On this page, a credential can also be specified to run all actions under, or a specific Windows host can be designated to execute the actions.
By default, an provider executes all actions on Devolutions Server under the NETWORK SERVICE user account. If a username and password are specified under Run as, will first attempt to authenticate to the Devolutions Server using that user account and execute all action scripts under that account. If a Host name is specified, assumes a remote Windows host and will attempt to run all action scripts locally on that host via PowerShell remoting.
Finally, under Settings, a custom password policy can be provided, if necessary. All available custom password policies can be found under Administration – Password policies. When the password rotation action runs, it will use the password policy defined here to generate a new password.
Give us Feedback