Skip to content


Term/Acronym Description
Approval request Approval requests enable just in time (JIT) access, allowing you to provide granular privileged access as and when requested.
Account state Accounts discovered on a device during a device audit are allocated a state to help identify if the accounts are recognised. The account states can be used to review and assess the validity of the audited account that exists on the device.
Account source Refers to the authentication service the account is linked to, and which is used by Osirium PAM to authenticate the accounts on the device.
Admin Interface Web based interface used to manage and administer Osirium PAM.
Cluster Joining Bundle File generated on a leader cluster node and required when joining nodes to an existing cluster.
Control account Account that will be used to manage the device. It will be used by Osirium PAM to manage and communicate with the device/Active Directory.
Device Refers to the device that has been provisioned and is accessed through Osirium PAM.
Device state Status indicators allow you to monitor the current state and accessibility of the device and help highlight any issues with a device.
Device tasks Tasks that can be executed on a device.
Device template See template.
Device tools Protocols used to access a device, i.e. HTTPS, SSH, RDP, etc.
Fingerprint Helps safeguard against man-in-the-middle attacks. Osirium PAM will check that the associated fingerprint matches the devices fingerprint during connection.
Follower Role assigned to all nodes joining a cluster subsequent to the leader node.
Groups of Interest Is a list of Active Directory Security Groups that will be audited by Osirium PAM.
Leader Role assigned to the first PAM Server created in a cluster. The assigned leader role will provide elevated privileges to the PAM Server.
MAP Server Is an Osirium PAM controlled Windows Server used for launching remote applications.
Master Encyption Key (MEK) The underlying encryption key for the PAM Server database, required to recover a system using a backup file and clustering.
MESH Allows an active primary PAM Server to push a copy of its backup file to a secondary PAM Server. The secondary PAM Server does not contain any live configurations. It will be used for restoring the primary server using the backup if the active server goes down.
Node Member of a cluster.
Osirium PAM Osirium's privileged access management suite of products.
PAM Cluster A group of PAM Servers working together to help provide load balancing, greater scalability, increased availability, resilience and simplified management.
PAM Server The main component that drives Osirium PAM. It incorporates the virtual appliance, database, Admin Interface and User Interface.
PAM Server Console Virtual machine console window that provides access to the PAM Server troubleshooting options and command line.
PAM UI Web based interface and access point for users. Provides access to device tools, device tasks and credentials.
PAM UI Server A dedicated web server used to run the web based interface.
Profile Provides role-based management controls and enables you to link together a group of devices, tools, tasks, users and user groups.
Provisioning Process of adding a device to Osirium PAM.
Session Recording Real time actions captured in frames, saved and can be played back.
Shared Drive Mechanism that enables files to be shared between the local machine and the remote machine.
Standalone A single PAM Server that runs on its own and is not part of a cluster.
Static vault Used to store credentials that Osirium PAM isn't able to manage directly on the device.
SuperAdmin account The primary account that will be created during the PAM installation and given full access to the Admin Interface.
Tasks See device tasks.
Template Interface between Osirium PAM and the device. Provides the necessary language to allow Osirium PAM to communicate with the device and provide access control, account provisioning and execution of tasks.
Tools See device tools.
TOTP Time based one-time password, used for multifactor authentication with Osirium PAM.
UI See User Interface.
Unprovision Mechanism that removes the device so it can no longer be administered by Osirium PAM.
User Person who will be logging on and accessing Osirium PAM as well as privileged access to devices and device tasks.
User Group A set of users that require the same access levels.
User Interface Osirium PAM interface (browser or Desktop Client) and access point for users.