PxM Platform Administrators Guide

This guide will help you navigate your way round the PxM Platform Web Management Interface, help you with the configuration of your system and the setup and management of privileged access.

This section covers:

Overview

The PxM Platform is a privileged user management system that allows you to implement a least-privilege user model when granting user access to devices and device tasks across your infrastructure.

The PxM Virtual Appliance provides an easy to use Web Management Interface for administrators, allowing you to quickly configure and manage user privileges.

The PxM Platform ensures users never need to know the password of privileged account credentials of devices, enabling secure access and eliminating the risk posed through shared privileged account credentials.

The PxM Platform also provides a comprehensive audit trail, including session recording, allowing you to review and analyse end-to-end accountability of your users access and knowing who did what, when and where. Along with our behaviour analytics reporting feature, user access can be adjusted and improved, ensuring a least-privilege model can be easily implemented.

For more information on PxM Platform products and solutions, click here.

Accessing the Web Management Interface

The Web Management Interface is accessed through the PxM Client or web login. Only authorised administrators will have full access to the interface functionality and administrative tasks. An authorised administrator is a user who has the Role: Superadmin access level.

For more information about the PxM Client click here.

Superadmin Interface

If this is a new PxM Platform Virtual Appliance, and it is the first time you are logging on, then you will need the primary superadmin account details to start creating user accounts.

During the initial configuration phase of the PxM Platform Virtual Appliance setup, a primary superadmin user account was created and given a password. This user is locally authenticated and is used to log on to PxM Platform and access the Web Management Interface.

Use the primary superadmin account to create personalised user accounts, then log off from the PxM Platform and log back in using your personal account created.

Note

The primary superadmin account should NOT be used by users to manage the PxM Platform Virtual Appliance, as it won't give individual user accountability and auditing.

PxM Platform Access Levels

It is important to first work out what level of access will be required for those who will be managing and configuring the system, to those who will monitoring information and analysing data.

By understanding the PxM Platform role-based access levels available, the permissions each of the roles will give and what operations the permissions will allow, you can apply a least privileged model when granting access to the Web Management Interface.

Use the following defined device access levels to assign users permission to your PxM environment:

Application Section Action SuperAdmin Auditor Reporter User
PxM Virtual Appliance Console Troubleshooting Shutdown Yes
Reboot Yes
System Status Yes
Restart Services Yes
Restart Queues Yes
Purge Queues Yes
Restart RDP Yes
Restart Support Password Yes
Unlock Support Password Yes
Clear notifications Yes
Change IP Address Yes
Web Management Interface Manage Manage users r/w r/o
Manage user groups r/w r/o
Manage devices r/w r/o
Manage Active Directory r/w r/o
Manage static vaults r/w r/o
Manage accounts r/w r/o
Manage account mappings r/w r/o
Manage profiles r/w r/o
Manage schedules r/w r/o
Manage files r/w r/o r/o
Manage MAP servers r/w r/o
Reporting Device access r/w r/o r/o
Change tickets r/w r/o
User rights audit r/w r/o
Tasks r/w r/o r/o
Inventory r/w r/o r/o
Management r/w r/o r/o
Analytics r/w r/o
Behaviour Analytics r/o r/o
System System queue r/w r/o
System configuration r/w r/o
API applications r/w r/o
Template library r/w r/o
Email subscriptions r/w r/o
subscriptions
Logs r/w r/o
Inventory r/w r/o
Personal My devices r/o r/o
My accounts r/o r/o
My tasks r/o r/o
My files r/o r/o
Change password r/o r/o

Interface Layout

The Web Management Interface is divided into the following main areas:

Area Description
Left-hand menu Provides links to various areas of the interface. Clicking on a menu option opens the relevant workspace in the main window.
Workspace This is the main part of the window.
Tabs Are located above the workspace and opened when you click on a link in the left-hand menu. Tabs provide easy navigation between multiple opened pages.

Resetting Interface Preferences

Interface preferences are stored per PxM user. Clicking on Reset Interface, which can be found at the bottom of the left-hand menu, will clear any references which have been applied.

The following will be reset:

  • System Queue Auto-refresh (10s) will be unchecked.
  • Table column widths.
  • ‘Don’t ask me again’ checkbox will be unchecked.
  • Any open tabs will be closed.
  • Filters applied to tables.
  • ‘Do not show this page again’ checkbox will be unchecked for the Getting started page.

Common Interface Functions

When navigating your way round the Web Management Interface take note of the following functions that will be useful to know.

Context Menu

Context menu and options are available when you right-click a table row. Available options within a context menu will vary depending on the page you are on. Listed below are some of the more common options you will find:

Icon Description
Show and Show linked Navigates to the named page relating to your selection where you can view and manage the configuration of an individual record.
For example:
Show named user page Named user page.
Show named device page Named device page.
Show named profile pageNamed profile page.
Select all Select all Enables you to highlight all the entries in the table. Once highlighted you can:
Edit pencil Multi-row edit.
Password Change password(s).
Delete Record will be unprovision and deleted.
Edit pencil Edit The inline editing functionality allows you to update the details within the row.
Edit pencil Multi-row Edit Allows you to highlight a number of rows and multi-edit common fields within the Multi-row editor window.
DeleteRemove from Allows you to right-click and remove the user, device, or profile from the current configuration.
View log Opens up the Log viewer window and displays the log information for the selected entry.

Inline Editing

The inline editing functionality allows you to update details on the manage pages.

To edit an individual entry click on the Edit pencil icon at the end of each row or right-click and select Edit pencil icon from the context menu.

Once updated, click on the Save icon at the end of the row.

To update multiple entries, highlight a number of rows, then right-click and select Edit pencil icon from the context menu. Update the Multiple-row editor window and click Save changes. Changes will be applied to all selected rows.

Note

Fields available for editing will vary depending on whether you have selected an individual entry or multiple entries.

Example:

Multi-row editor

Refresh Button

Each time you switch between tabs in the interface, the workspace data is refreshed to ensure it is up-to-date.

You can manually refresh sections of the workspace by clicking the Refresh buttons.

Refresh button

The Home page and System queue page also have an Auto-refresh checkbox that, when checked, refreshes the page periodically after a set number of seconds.

Auto Refresh button

CSV Download

The download button enables you to export all the data on the page into a CSV file format. If a filter has been applied on the page, then only the filtered data will be downloaded to the CSV file.

Download button

Filtering

To quickly find an entry, many of the tables have search filters above the titles of each column.

Search filters

For example, to filter on the Manage users page:

  1. Click on the Manage users page in the left-hand menu.

  2. Within the Manage users window, click in the search field above the Name column.

  3. Type in your search criteria. As you start typing your search criteria, the data will automatically start to update. Only the entries which match your search criteria will be displayed in the table.

  4. To narrow your search further, use multiple search fields. Other search options include tickboxes, dropdown list boxes and calendar date selectors.

    In this example, we have used the following to narrow our search:

Column header Search criteria
Name Typed ‘L’ to search for all names that contain an ‘L’.
Checked box Tick the checkbox.
This will narrow down the list further to only include names containing an 'L' and the account is enabled.
Dropdown list box Click the Sort descending down arrow to reveal the list box options and select Local.
The search will now be narrowed down to all enabled users with the name containing an ‘L’ and are locally authenticated.

Example search filter

Note

To clear a search filter, click on the Grey cross icon, which appears when you click within a search field.

Checkboxes

The following describes the behaviour seen when clicking on the checkboxes during filtering.

Checkbox Behaviour
Checked box When the checkbox is checked, the filter will contain all lines that have the checkbox checked.
Unchecked box When the checkbox is unchecked and has a black outline, the filter will contain all lines that have the checkbox unchecked
Neutral box When the checkbox is grey, it means there is no filter set.

Customise Table Views

You can customise the appearance of most tables by dragging and dropping the table columns or by using the column drop down options.

The options available are:

Header Description
Sort Ascending Sorts in alphanumeric (A-Z) order.
Sort Descending Sorts in descending alphanumeric (Z-A) order.
Columns Table columns can be shown or hidden from view.
Group by Group by allows the data to be grouped based on the column selected. Group folders are created which can be expanded to reveal the list.
NOTE The group by feature can not be used on pages with over 1000 records.

Note

Table customisations do not persist across web browser sessions.

Configure Sort

The configure sort option allows you to prioritise the order of the columns when sorting is applied.

To configure a sort on a table:

1 Right-click on a table heading OR left-click on the heading and then click on the Sort descending.

![Table context menu](images/generic/table_context_menu.png)
  1. Click Configure sort….

    Configure sort

  2. Within the Sort window, you will see the default sort which has been configured. Click the Plus icon Add level button to add a new sort entry.

    Example Configure sort

  3. Click the Save icon to save the entry.

  4. Once you have added all your levels, you can use the Sort ascending or Sort descending to change the order of the search. The entry in the list must be highlighted in order to change the level.

  5. Click Apply to save and update the table.

    The columns will contain a number in the heading to indicate the order they are being sorted.

Data highlighted in blue and underlined is a link that will navigate you to the relevant page.

For example:

  1. Click on the Manage users page in the left-hand menu.

  2. Within the Manage users window, click on a name in the list, which you will see is highlighted in blue and underlined.

  3. The User details page opens up in a new tab and you are navigated to the page.

Plus Icon

The Plus icon icon next to headings in the left-hand menu is a shortcut. When clicked the associated manage page is opened and a new window to add the object selected.

For example, clicking on the Plus icon next to Users, will give the following tab and new window.

New user plus

Supporting Documentation

Other documentation relating to the PxM Platform include:

The following can be found on our Support portal.

  • PxM Platform Release Notes: covers new features, enhancements and bug fixes in relation to the latest release.

  • PxM Platform Virtual Appliance: latest version download links and any pre or post installation requirements.

  • PxM MAP Server Installer: latest version download link.

  • Latest Template Bundle: The template bundle is not release dependant so check here for latest downloable bundle.

The following can be found on our website on the Documentation page.

  • PxM Virtual Appliance Installation Guide: individual guides covering deployment within VMware vSphere, Microsoft Azure, Microsoft Hyper-V and Amazon Web Services environments.

  • PxM MAP Server Installation Guide: step by step instructions to installing and upgrading the PxM MAP Server.

  • PxM Virtual Appliance Upgrade Guide: instructions on how to successfully upgrade your existing PxM Virtual Appliance to the latest release version.

  • PxM Virtual Appliance Backup and Restore Guide: step by step instructions on how to restore a PxM Virtual Appliance using a new PxM Virtual Appliance and backup file.

  • PxM Client : instructions on how to install, upgrade and use the PxM Client interface on a workstation running Windows or macOS.