• Votes

    2

    Allow per-connection contract configuration for WSFed

    The WSFed connection interface only allows for contract assignment for the protocol, not on a per-connection basis like SAML2. For connections that require different ...

  • Votes

    3

    Recovering all credentials from PAM in a list format

    Let’s suppose a disaster happened and the credentials (e.g. root, administrator) are all stored on PAM. To avoid any dependency of someone knowing each credential, it ...

  • Votes

    2

    PAM appliance

    its very cumbersome to install OS and hardened it, meet the pre-reqs and then install the Software. There must be a PAM Software Appliance.

  • Votes

    1

    Add Account Domain Credential and Host Group Command Control ...

    Have the ability to automate adding local account, domain account and DBMS local account to the credential vault. Have the ability to automate adding host to Host group ...

  • Votes

    5

    Enable input keystrokes but disable output in session recording

    We have an issue where a user of PAM could have PII or PHI data returned in their Unix sessions. We have been rolling out PAM to servers we host in EU. Our legal team ...

  • Votes

    3

    Can we also have risk of host and/or application plus the account ...

    If we have a risk rating of the endpoint being connected to then we can do the following: 1. import risk details from identity governance and other tools. 2. make rules ...

  • Votes

    2

    Agent for Ubuntu

    Can we have agents for Ubuntu please? There are instances when customers just want to use debian based systems and just converting RPM with Alien to DEB file does not ...

  • Votes

    1

    Where is API documentation ?

    Where is API documentation ?

  • Votes

    2

    Secure Login Thick Clients for Mobile Devices

    Hi Team , Is it possible to have secure login client agents developed for Mobile Devices ( android , windows , ioS and ipad ) These days many enterprise applications ...

  • Planned

    5

    Unix/Linux AD Bridging

    Implement an agent that can provide Unix/Linux AD bridging providing log in on those systems using Windows account

  • Votes

    1

    Integrate the approval workflow with an external ITSM service desk ...

    BE able to integrate with an ITSM service desk system through REST API when an approval of a checkout request is made. This request to this service desk system would ...

  • Votes

    2

    Make available an option to have more complex workflows

    Have the ability to set up more complex approval workflows such as more than one level such as a specific user as first level and then a compliance/Information Security ...

  • Votes

    3

    Credential Provider for Linux/ Unix

    To provide the similar function like Windows's Credential Provider, so that administrators can use the PAM account/AD access Linux/ Unix server physically when they are ...

  • Votes

    1

    Schedule one-time access

    It would be great to have another schedule option for one-time schedules granting permission to a rules for a set calendar dates. In PAM Command Control / Schedules have ...

  • Votes

    3

    Improve PAM Sniffer capabilities to give insight on usage of sudo or ...

    It seems to me that our PAM Sniffer tool could improve an assessment of the situation by indicating which systems make use of privilege escalations and which users ...

  • Votes

    1

    Confirmation of agent registration from command

    When registering and agent (platform independent) it would be useful to have a status returned on the screen for the registration of the agent.

  • Votes

    2

    List all commands available from policies for USRUN

    It would be a nice option for a local Linux/Unix user to be able to list all the enhanced commands available to the user (from policies) for USRUN.

  • Planned

    13

    Improve GUI - general

    Please improve your GUI, it's really terrible as it is... - add users - manually typing them, REALLY ? - configuring shared keys - finding out what needs to be defined is ...

  • Votes

    3

    Able to run the password reset using scheduler

    To be able to run the password reset using scheduler for the privileged account set in the credential vault. This is to comply with the password age policy.

  • Votes

    4

    configure PAM to use credential/authentication in msgagnt smtp

    send email notification to client using smtp credentials in msgagnt.