Accessing the PAM Admin Interface
This section is intended to give you an understanding of what is available on the Admin Interface based on your PAM role.
PAM Admin Interface
Within PAM, the Admin Interface is available to all PAM users but the level of access will depend on the PAM role assigned. The PAM roles will determine the view you will see within the Admin Interface and what operations the permissions will allow.
You can determine the access level given to you via the user interface.
User Level Admin Interface
The User access level is the default permission given to any user created within PAM.
When you log into the PAM UI you will see the access level as User alongside the PAM Server > Browser (HTTP) tool.
When you click on the Browser (HTTP) tool to open the Admin Interface, you will be presented with the following:
With User level PAM access, you will have access to the following pages within the Admin Interface:
Menu option | Description |
---|---|
My devices | Lists the devices you have be given access to which can be in the form of tools or tasks on the PAM UI. |
My accounts | Lists the accounts that are used to single sign you on when connecting to the device. |
My Tasks | Task log of tasks you have executed on a device. |
My files | If a file is created from running a device task i.e. techout, backup, it wll be listed here. If you have permission to download the file, you will see a download icon at the end of the row. The process for downloading a file will vary depending on whether or not the Admin Interface is being recorded. See Downloading a file. |
Change Password | Locally authenticated users only Ability to change your PAM login password. |
Help | Provides inline help for the Admin Interface |
Reset Interface | If you have changed any default settings on tables, clicking this will reset any updates to the default. |
Owner Level Admin Interface
The Owner access level is the highest access level and gives you full administrator rights on the Admin Interface, allowing you to view, edit and perform all actions on the page.
When you log into the PAM UI you will see the access level as Owner alongside the PAM Server > Browser (HTTP) tool.
When you click on the Browser (HTTP) tool to open the Admin Interface, you will be presented with the following:
With Owner level PAM access, you will have access to the following sections within the Admin Interface:
Menu option | Description |
---|---|
Manage | The pages available under this section allow you to configure and manage users, add device and manage device accounts, configure user access to device tools and tasks through profiles. |
Reporting | The pages available under this section provide an insight into usage and allows you to analysis and monitor user access. |
System | The pages available under this section allow you to configure PAM Server settings and monitor the system through system queues and logs. |
Reset Interface | If you have changed any default settings on tables, clicking this will reset any updates to the default. |
Admin Level Admin Interface
The Admin access level gives you administrator rights on the Admin Interface, allowing you to view, edit and perform all actions on the page with exception of the following:
- Generating a breakglass KeePass file
- Configuring the osirium_support account
- Revealing credentials
When you log into the PAM UI you will see the access level as Admin alongside the PAM Server > Browser (HTTP) tool.
When you click on the Browser (HTTP) tool to open the Admin Interface, you will be presented with the following:
With Admin level PAM access, you will have access to the following sections within the Admin Interface:
Menu option | Description |
---|---|
Manage | The pages available under this section allow you to configure and manage users, add device and manage device accounts, configure user access to device tools and tasks through profiles. |
Reporting | The pages available under this section provide an insight into usage and allows you to analysis and monitor user access. |
System | The pages available under this section allow you to configure PAM Server settings and monitor the system through system queues and logs. |
Reset Interface | If you have changed any default settings on tables, clicking this will reset any updates to the default. |
Auditor Level Admin Interface
The Auditor access level gives you full read-only access to the Admin Interface.
When you log into the PAM UI you will see the access level as Auditor alongside the PAM Server > Browser (HTTP) tool.
When you click on the Browser (HTTP) tool to open the Admin Interface, you will be presented with the following:
With Auditor level PAM access, you will have access to the following sections within the Admin Interface:
Menu option | Description |
---|---|
Manage | The pages available under this section will allow you to review the configuration that has been implemented to allow users access to device tools and tasks. |
Reporting | The pages available under this section provide an insight into usage and allows you to analysis and monitor user access and device connections. You will also have the ability to play recorded sessions. |
System | The pages available under this section allow you to view the PAM Server settings and look through the system queues and logs. |
Reset Interface | If you have changed any default settings on tables, clicking this will reset any updates to the default. |
Reporter Level Admin Interface
The Reporter access level gives you review management and inventory and view device access. You can also playback session recordings and to manage and download files.
When you log into the PAM UI you will see the access level as Reporter alongside the PAM Server > Browser (HTTP) tool.
When you click on the Browser (HTTP) tool to open the Admin Interface, you will be presented with the following:
With Reporter level PAM access, you will have access to the following sections within the Admin Interface:
Menu option | Description |
---|---|
Personal | The pages in this section provide: - A list of the devices you have be given access to which can be in the form of tools or tasks on the PAM UI. - Lists the accounts that are used to single sign you on when connecting to the device. - A task log of tasks you have executed on a device. - A list of files created from running a device task i.e. techout, backup. If you have permission to download the file, you will see a download icon at the end of the row. The process for downloading a file will vary depending on whether or not the Admin Interface is being recorded. See Downloading a file. - [Locally authenticated users only] Ability to change your PAM login password. |
Manage | The files page allows you to view all the files that have been created. If you have permission to download the file, you will see a download icon at the end of the row. The process for downloading a file will vary depending on whether or not the Admin Interface is being recorded. See Downloading a file. |
Reporting | The pages available under this section allow you to view device connections, play sessions recording and look at the task log. You will also have access to the inventory and management reports. |
Reset Interface | If you have changed any default settings on tables, clicking this will reset any updates to the default. |