• Planned

    5

    A single rule for all linux/unit machines using same privilege account ...

    If there is 100 linux/unix machines, all using the same privilege account id, for example: root Then, there is 100 x credential vault configuration for each linux/unix ...

  • Votes

    3

    8 second password view

    In PAM User console, for the password Checkout feature, after user checks-out, the credentials are displayed for 8 seconds and then hidden. The user can click 'Show ...

  • Votes

    1

    Add Account Domain Credential and Host Group Command Control ...

    Have the ability to automate adding local account, domain account and DBMS local account to the credential vault. Have the ability to automate adding host to Host group ...

  • Votes

    5

    Enable input keystrokes but disable output in session recording

    We have an issue where a user of PAM could have PII or PHI data returned in their Unix sessions. We have been rolling out PAM to servers we host in EU. Our legal team ...

  • Votes

    5

    Make available an option to have more complex workflows

    Have the ability to set up more complex approval workflows such as more than one level such as a specific user as first level and then a compliance/Information Security ...

  • Votes

    1

    Schedule one-time access

    It would be great to have another schedule option for one-time schedules granting permission to a rules for a set calendar dates. In PAM Command Control / Schedules have ...

  • Votes

    2

    List all commands available from policies for USRUN

    It would be a nice option for a local Linux/Unix user to be able to list all the enhanced commands available to the user (from policies) for USRUN.

  • Votes

    3

    Able to run the password reset using scheduler

    To be able to run the password reset using scheduler for the privileged account set in the credential vault. This is to comply with the password age policy.

  • Votes

    5

    configure PAM to use credential/authentication in msgagnt smtp

    send email notification to client using smtp credentials in msgagnt.

  • Votes

    6

    Shoulder Monitoring feature

    The PAM market guide specifically calls out the feature to monitor user activities in REAL TIME. Our video recording feature is useful to show people how they can track ...

  • Votes

    8

    PAM Relay - Allow relay users to logon to remote host with any account

    We would like to request the ability for the PAM relay to allow users to log onto certain remote hosts with any account, even when the account they want to use is not ...

  • Votes

    5

    Manage email notifications in Command Risk configuration

    As a user configuring Command Risk in the Command Control Console (risk, auto-disconnect, auto-block), it would be convenient to be able to toggle an email notification ...

  • Votes

    7

    Implement Attribute Based Access Policies

    In IDM, there is a plethora of customers who implement Attribute Based Access Policies. So by just assigning a resource (rather than a role that maps to a group ...

  • Planned

    4

    Password Synchronization for root user

    There should be an option to select the Linux and Unix agent(s) to reset the root password. P.S. This won't break ssh-relay(vault > account domain) by using ssh keys ...

  • Votes

    5

    Credential Vault

    - Allow to create a ssh domain for check in and check out credentials, being configured using ssh keys instead of root proxy user.

  • Votes

    4

    Credential Vault

    - Expose available credentials from the vault on user´s portal, and allow users to choose which credential they want to retrieve from the vault for password check in and ...

  • Votes

    8

    retention policy

    there must be a way to configure retention policies for recording data. Also Retention Policy shouldn't be Just global but there must be an option to create multiple ...

  • Votes

    8

    Alerts to send email when a machine/agent goes offline.

    PAM Manager displays the status of machines(agents) but there must be an option to configure Alerts to send email when a machine/agent goes offline. Advantage: if a ...