Skip to content

Tag: <account> - Existing Accounts

Definition

The <account> tag defines an account that Osirium PAM is expecting to find when auditing the device account list using the 'user_show_all task'.

The <account> tag sits inside a group tag of <accounts>. You can define multiple <accounts> tags to hold each parameter or you can add <account> tags to other existing <accounts> tags.

This tag has the following attributes:

Parameters

  • name (str) : The name of the account.

  • system (yes, no): This tells Osirium PAM that the account is expected to be found on the device. Accounts marked as system accounts will be automatically set to the approved state in the accounts table.

  • hidden (yes, no) : This tells Osirium PAM to hide the account from view in the Admin Interface. Use with caution as this might hide legitimate accounts from view.

  • audited (yes, no) : Whether or not the account is expected to be seen in an audit. If set to no, Osirium PAM will assume the account exists.

Example

1
   <account name='admin' system='yes' hidden='no'/>

Parent Tags

Child Tags

  • None