Device connections
This sections walks you through how to find and single sign-on to a device tool and execute system tasks.
Device list navigation
The UI displays a list of devices that can be accessed. You can navigate the device list across two tabs, each providing a number of actions which can be performed on a tool.
The tabs and actions available include:
Access Finder tab
The ACCESS FINDER tab lists the tools and system tasks that you have access to and displays details including access level, device address and other device details.
Further details can be found on the PAM UI Quickstart and PAM Client Quickstart guides.
Shortcuts tab
The SHORTCUTS tab lists the tools and system tasks that you have pinned and recently accessed.
Highlighting
Highlighting a pinned or recently accessed tool or system task will show where it is listed on the ACCESS FINDER device list.
To highlight a tool or system task, hover over and click the icon.
The UI will switch to the ACCESS FINDER tab and the tool or system task will be highlighted.
Reordering
To reorder a pinned tool or system task, hover over and click the icon and drag up or down to the desired position.
Pinning
Pinning a tool or system task will add it to the pinned list on the SHORTCUTS tab. This allows frequently used tools and system tasks to be easily located within the UI.
To pin, hover over a tool or system task and click the icon.
To unpin, hover over a tool or system task and click the icon.
Keyboard shortcuts
Keyboard shortcuts provide an alternative method to navigating the device list. The following table describes the keys or combinations of keys that provide the shortcut.
Shortcut | Description |
---|---|
Ctrl + Spacebar | Enter keyboard mode. |
Ctrl + Home | Focus on first device. |
Ctrl + End | Focus on last device. |
Ctrl + ↑ | Focus on previous device. |
Ctrl + ↓ | Focus on next device. |
Ctrl + ← | Focus jumps up five devices. |
Ctrl + → | Focus jumps down five devices. |
Tab | Navigate through the current device's tool and system task options. |
Shift + Tab | Navigate through the current device's tool and system task options in reverse order. |
Ctrl + / | Focus on search bar. |
Device states
Each device is regularly monitored to determine its availability. The colour of the device presented to you will highlight the devices current state.
Indicator | Description |
---|---|
The device can be successfully accessed. | |
Unable to make a connection to the device. | |
This device is not managed by Osirium PAM but the device credentials are saved on the PAM Server. The only tools available for devices are Reveal Credentials and Update Credentials. |
Device tools
The tool available to make a connection to a device is determined by the device type. The following table describes the different tools that maybe used by devices to make a connection or manage credentials.
Icon | Description |
---|---|
Session will be launched within a browser window. | |
Session will be launched using a remote desktop tool. | |
Session will be launched using an SSH client. | |
Session will be launched using a remote application tool. | |
Session will be launched using an SFTP protocol tool. | |
Reveal/Update credentials tool will be launched. |
Approval Requests
Devices that require approval before they can be accessed will be greyed out and an icon will appear when selected. To connect to the device you will have to submit a request for access. Once approved the device will no longer be greyed out and you will be able to connect to the device tool within the requested scheduled time frame.
Single signing onto device tools
A device tool can be launched by clicking on it from the list. The authentication and single sign-on process is handled by Osirium PAM so you won't be prompted to enter any credentials.
Note
If your tool is greyed out then it may require you to Request Access.
The credentials used to sign-on to the device will have a predefined access level. The access level can be seen next to the tool. This access level will determine the level of permission and privilege granted to you for the device session and it is set by your SuperAdmin.
The device tool will open once successfully authenticated. You are now ready to commence with your work on the device.
Change Tickets
Some device access maybe linked to change tickets which will allow access only after a change ticket reference has been entered. The change ticket will be used to track access and monitor work carried out.
Entering a change ticket:
-
Click on the device tool. If a change ticket is required then you will be presented with the Change Ticket Required window.
-
Within the Change ticket required window, enter a reference to easily identify the change. This can be a change ticket reference number, description or ID.
-
Once the information has been entered, click
SUBMIT
. You will be logged onto the device. You can now carry out the work as specified on the change ticket. -
When you have completed your work under the ticket, close the device session. This will close the ticket and the device session.
Session recording
Session recording is a tool that is used to record device session activities. Sessions being recorded can be viewed in real-time by your SuperAdmins and saved recorded sessions are available for playback and viewing at anytime.
Before your session starts you maybe prompted with a Session Recording Terms of Use window, if one has been configured. If configured, you will need to accept the agreement in order to proceed to your device session.
When you have been successfully logged onto the session a icon will appear in the top left-hand corner of the device session window to indicate that all your activities during the session will be recorded.
Executing system tasks
The execution of tasks refers to system tasks that can be run on the PAM Server to perform a set action. The device list displays the system tasks you have been granted access to and have permission to execute. You do not need to know the command when executing the system task as Osirium PAM provides this information.
A system task can also be executed on a scheduled basis via a profile. See Manage profiles.
To execute a system task:
-
Click the system task icon which can be found listed under the PAM Server.
-
The task is opened.
-
Select the PAM Server from the list.
-
Click
EXECUTE
to run the system task. -
Within the Question window, click
YES
. -
Wait while the task is executed. Progress can be seen in the Action queue window. When you have finished click
DONE
.If you have run a task that creates a file, you will be presented with the Output files tab.
-
From here you can download the file by clicking on download icon and then from the Shared Drive click on the file to download to your local computer.
-
Close the windows when finished.
Native tool menu actions
When you are using PAM (with tools set to launch with the Osirium PAM built-in tools), a blue menu bar will be visible at the top of the session window. This menu bar contains a number of actions which can be performed within the session.
The actions available in the menu bar include:
Shared Drive
The Shared Drive mechanism will allow you to perform the following actions from the device session.
File Sharing
All device sessions, with the exception of SSH, allow for file sharing to be performed between the local machine and the remote session.
For Remote Desktop / Remote Application the Shared Drive on PAM UI mapped network drive can be viewed in your File Explorer window within your device session.
For HTTP(s) the file sharing folder is created dynamically with a unique ID with the session name. The download operations inside this session will download files to this folder, and the upload dialog will automatically open on this folder as well.
Secure File Transfer (SFTP) uses a shared folder within a Filezilla SFTP client.
The files and folders available in the shared drive can be accessed locally by using the Shared Files window which can be accessed by clicking on the icon located in the top right hand corner.
Downloading a File
The following instructions allow you to download a file from your remote session to your local machine.
-
Within the Remote Desktop window, open up a File Explorer window.
-
From the File Explorer window, copy the file you wish to download into the Shared on PAM UI folder.
-
Now click on the icon located in the top right hand corner.
-
The Shared Drive window will open. You will see the file copied to the Shared Drive on PAM UI folder is listed.
-
To download the file to your local machine simply click on the file within the Shared Drive window. The file will be downloaded by the browser.
Uploading a File
The following instructions allow you to upload a file from your local machine to your remote session.
Note
For a file to be uploaded the appliances internal disk must have sufficient free space available.
-
Within the Remote Desktop window, click located in the top right hand corner. The Shared Drive window will open.
-
Within the Shared Drive window, either drag and drop the file(s) from your local machine to the Shared Drive window or use the to open your local machine File Explorer window and select the files to be uploaded onto the remote session.
-
Once the file has been successfully uploaded it will be available in the Shared on PAM UI folder on your remote session.
Ctrl-Alt-Delete Command
The icon allows you to send the Ctrl-Alt-Del computer keyboard command within your remote desktop session.
Copy and Paste
This functionality will allow you to copy and paste content between your local machines clipboard and the clipboard on the remote session you are connected to.
Note
To allow sharing between local and remote clipboards the Allow RDP Clipboard tool option must be enabled within the profile. See Manage profiles.
The functionality will differ between supported browsers:
Chrome and Edge Browsers
The latest versions of Chrome and Edge support seamless clipboards which provides interoperability between the local and remote clipboards. When this feature is supported the clipboards will be kept in sync without manual intervention, allowing for seamless copy and paste operations across both.
Note
The first time a user launches a device session with the Allow RDP Clipboard tool option enabled within the profile, the Enable Shared Clipboard window will be displayed asking the user if they wish to enable the clipboard sharing. The selection is stored as a user setting, and the Enable Shared Clipboard window will not be shown to the user again.
When enabled, the clipboard sharing icon will be displayed as , and when disabled displayed as .
To change the current user setting click the Shared Clipboard icon to toggle between enabled and disabled.
Firefox and Safari Browsers
When using Firefox and Safari the Shared Clipboard tool is used for performing copy and paste operations between the local and remote clipboards.
Copy from local clipboard to remote session
-
Make sure the content you wish to copy is in the clipboard of your local machine.
-
Within the Remote Desktop window, click the icon. The Shared Clipboard window will open.
-
Within the Shared Clipboard press CTRL+V. The text from your local machine clipboard is pasted into the remote session clipboard.
-
Within the Remote Desktop window, open the application you wish to paste the copied text into and press CTRL+V to paste. The copied text is pasted into the remote desktop window.
Copy from remote session clipboard to local
-
Make sure the content you wish to copy is displayed in Shared Clipboard window on the remote session.
-
Highlight the text and press CTRL+C. The text from the remote session clipboard is pasted into your local machines clipboard.
-
On your local machine, open the application you wish to paste the copied text into and press CTRL+V to paste. The copied text is pasted into the local machine window.