Skip to content

Device connections

This sections walks you through how to find and single sign-on to a device tool and execute system tasks.

Device list navigation

The UI displays a list of devices that can be accessed. You can navigate the device list across two tabs, each providing a number of actions which can be performed on a tool.

The tabs and actions available include:

Access Finder tab

The ACCESS FINDER tab lists the tools and system tasks that you have access to and displays details including access level, device address and other device details.

Further details can be found on the PAM UI Quickstart and PAM Client Quickstart guides.

Access Finder tab

Shortcuts tab

The SHORTCUTS tab lists the tools and system tasks that you have pinned and recently accessed.

Shortcuts tab

Highlighting

Highlighting a pinned or recently accessed tool or system task will show where it is listed on the ACCESS FINDER device list.

To highlight a tool or system task, hover over and click the icon.

Highlight a tool

The UI will switch to the ACCESS FINDER tab and the tool or system task will be highlighted.

Highlighted tool

Reordering

To reorder a pinned tool or system task, hover over and click the icon and drag up or down to the desired position.

Reorder a tool

Pinning

Pinning a tool or system task will add it to the pinned list on the SHORTCUTS tab. This allows frequently used tools and system tasks to be easily located within the UI.

To pin, hover over a tool or system task and click the icon.

Pinning a tool

To unpin, hover over a tool or system task and click the icon.

Unpinning a tool

Keyboard shortcuts

Keyboard shortcuts provide an alternative method to navigating the device list. The following table describes the keys or combinations of keys that provide the shortcut.

Shortcut Description
Ctrl + Spacebar Enter keyboard mode.
Ctrl + Home Focus on first device.
Ctrl + End Focus on last device.
Ctrl + Focus on previous device.
Ctrl + Focus on next device.
Ctrl + Focus jumps up five devices.
Ctrl + Focus jumps down five devices.
Tab Navigate through the current device's tool and system task options.
Shift + Tab Navigate through the current device's tool and system task options in reverse order.
Ctrl + / Focus on search bar.

Device states

Each device is regularly monitored to determine its availability. The colour of the device presented to you will highlight the devices current state.

Indicator Description
Server Green The device can be successfully accessed.
Server Red Unable to make a connection to the device.
Server Blue This device is not managed by Osirium PAM but the device credentials are saved on the PAM Server. The only tools available for devices are Reveal Credentials and Update Credentials.

Device tools

The tool available to make a connection to a device is determined by the device type. The following table describes the different tools that maybe used by devices to make a connection or manage credentials.

Icon Description
Browser Session will be launched within a browser window.
Desktop Remote Session will be launched using a remote desktop tool.
Command Line Session will be launched using an SSH client.
MAP Session Session will be launched using a remote application tool.
SFTP Session will be launched using an SFTP protocol tool.
Credentials Reveal/Update credentials tool will be launched.

Approval Requests

Devices that require approval before they can be accessed will be greyed out and an Approval request icon will appear when selected. To connect to the device you will have to submit a request for access. Once approved the device will no longer be greyed out and you will be able to connect to the device tool within the requested scheduled time frame.

  • To Request access click here.
  • To Approve access click here.

Approval request required

Single signing onto device tools

A device tool can be launched by clicking on it from the list. The authentication and single sign-on process is handled by Osirium PAM so you won't be prompted to enter any credentials.

Note

If your tool is greyed out then it may require you to Request Access.

The credentials used to sign-on to the device will have a predefined access level. The access level can be seen next to the tool. This access level will determine the level of permission and privilege granted to you for the device session and it is set by your SuperAdmin.

The device tool will open once successfully authenticated. You are now ready to commence with your work on the device.

Change Tickets

Some device access maybe linked to change tickets which will allow access only after a change ticket reference has been entered. The change ticket will be used to track access and monitor work carried out.

Entering a change ticket:

  1. Click on the device tool. If a change ticket is required then you will be presented with the Change Ticket Required window.

  2. Within the Change ticket required window, enter a reference to easily identify the change. This can be a change ticket reference number, description or ID.

    Change Ticket acquire

  3. Once the information has been entered, click SUBMIT. You will be logged onto the device. You can now carry out the work as specified on the change ticket.

  4. When you have completed your work under the ticket, close the device session. This will close the ticket and the device session.

Session recording

Session recording is a tool that is used to record device session activities. Sessions being recorded can be viewed in real-time by your SuperAdmins and saved recorded sessions are available for playback and viewing at anytime.

Before your session starts you maybe prompted with a Session Recording Terms of Use window, if one has been configured. If configured, you will need to accept the agreement in order to proceed to your device session.

session recording terms of use

When you have been successfully logged onto the session a Session recording icon will appear in the top left-hand corner of the device session window to indicate that all your activities during the session will be recorded.

Executing system tasks

The execution of tasks refers to system tasks that can be run on the PAM Server to perform a set action. The device list displays the system tasks you have been granted access to and have permission to execute. You do not need to know the command when executing the system task as Osirium PAM provides this information.

A system task can also be executed on a scheduled basis via a profile. See Manage profiles.

To execute a system task:

  1. Click the system task icon which can be found listed under the PAM Server.

  2. The task is opened.

    Task execution window

  3. Select the PAM Server from the list.

    Execute task

  4. Click EXECUTE to run the system task.

  5. Within the Question window, click YES.

  6. Wait while the task is executed. Progress can be seen in the Action queue window. When you have finished click DONE.

    If you have run a task that creates a file, you will be presented with the Output files tab.

    Output tab

  7. From here you can download the file by clicking on download icon and then from the Shared Drive click on the file to download to your local computer.

    Download and Shared Drive

  8. Close the windows when finished.

Native tool menu actions

When you are using PAM (with tools set to launch with the Osirium PAM built-in tools), a blue menu bar will be visible at the top of the session window. This menu bar contains a number of actions which can be performed within the session.

Native tools menu actions

The actions available in the menu bar include:

Shared Drive

The Shared Drive mechanism will allow you to perform the following actions from the device session.

File Sharing

All device sessions, with the exception of SSH, allow for file sharing to be performed between the local machine and the remote session.

For Remote Desktop / Remote Application the Shared Drive on PAM UI mapped network drive can be viewed in your File Explorer window within your device session.

Shared on PAM UI

For HTTP(s) the file sharing folder is created dynamically with a unique ID with the session name. The download operations inside this session will download files to this folder, and the upload dialog will automatically open on this folder as well.

File upload browser session

Secure File Transfer (SFTP) uses a shared folder within a Filezilla SFTP client.

The files and folders available in the shared drive can be accessed locally by using the Shared Files window which can be accessed by clicking on the icon located in the top right hand corner.

Shared drive window

Downloading a File

The following instructions allow you to download a file from your remote session to your local machine.

  1. Within the Remote Desktop window, open up a File Explorer window.

  2. From the File Explorer window, copy the file you wish to download into the Shared on PAM UI folder.

    RDP Explorer window

  3. Now click on the icon located in the top right hand corner.

  4. The Shared Drive window will open. You will see the file copied to the Shared Drive on PAM UI folder is listed.

    Shared Drive window with Explorer window

  5. To download the file to your local machine simply click on the file within the Shared Drive window. The file will be downloaded by the browser.

Uploading a File

The following instructions allow you to upload a file from your local machine to your remote session.

Note

For a file to be uploaded the appliances internal disk must have sufficient free space available.

  1. Within the Remote Desktop window, click located in the top right hand corner. The Shared Drive window will open.

    Shared Drive window

  2. Within the Shared Drive window, either drag and drop the file(s) from your local machine to the Shared Drive window or use the Plus to open your local machine File Explorer window and select the files to be uploaded onto the remote session.

  3. Once the file has been successfully uploaded it will be available in the Shared on PAM UI folder on your remote session.

    Shared Drive window with Explorer window

Ctrl-Alt-Delete Command

The icon allows you to send the Ctrl-Alt-Del computer keyboard command within your remote desktop session.

Copy and Paste

This functionality will allow you to copy and paste content between your local machines clipboard and the clipboard on the remote session you are connected to.

Note

To allow sharing between local and remote clipboards the Allow RDP Clipboard tool option must be enabled within the profile. See Manage profiles.

The functionality will differ between supported browsers:

Chrome and Edge Browsers

The latest versions of Chrome and Edge support seamless clipboards which provides interoperability between the local and remote clipboards. When this feature is supported the clipboards will be kept in sync without manual intervention, allowing for seamless copy and paste operations across both.

Note

The first time a user launches a device session with the Allow RDP Clipboard tool option enabled within the profile, the Enable Shared Clipboard window will be displayed asking the user if they wish to enable the clipboard sharing. The selection is stored as a user setting, and the Enable Shared Clipboard window will not be shown to the user again.

Enable Shared Clipboard

When enabled, the clipboard sharing icon will be displayed as , and when disabled displayed as .

To change the current user setting click the Shared Clipboard icon to toggle between enabled and disabled.

Firefox and Safari Browsers

When using Firefox and Safari the Shared Clipboard tool is used for performing copy and paste operations between the local and remote clipboards.

Copy from local clipboard to remote session
  1. Make sure the content you wish to copy is in the clipboard of your local machine.

  2. Within the Remote Desktop window, click the icon. The Shared Clipboard window will open.

    Shared Clipboard Empty

  3. Within the Shared Clipboard press CTRL+V. The text from your local machine clipboard is pasted into the remote session clipboard.

    Shared Clipboard Empty

  4. Within the Remote Desktop window, open the application you wish to paste the copied text into and press CTRL+V to paste. The copied text is pasted into the remote desktop window.

Copy from remote session clipboard to local
  1. Make sure the content you wish to copy is displayed in Shared Clipboard window on the remote session.

    Shared Clipboard Empty

  2. Highlight the text and press CTRL+C. The text from the remote session clipboard is pasted into your local machines clipboard.

    Shared Clipboard Empty

  3. On your local machine, open the application you wish to paste the copied text into and press CTRL+V to paste. The copied text is pasted into the local machine window.