We are working with a client that the client has installed the CA Control Minder release 12.6 and they are using the PUPM feature ( now SAM) , and they want to know if with the upgrade to the CA Control Minder release 12.8, they are going to achieve the next points :
- When the privilege account is "check out", after 24 hours of inactivity, the account it would be check in, close it the session and change the passwords.
-When the privilege account is checked out and if you close the putty or the RDP window, the session still open and is not able to close the user account session.
- For the Break Glass process, the accounts defined with the last process are not exclusive.
I hope you can help me
My Best Regards
CA Services Senior Consultant
Does your client have the automated login scripts enabled? I get the impression that they do.
Below are my responses:
Response: I do not believe so. Unless I’m wrong, this is a nice feature to enable. I do not believe that our current solution looks to see if there is activity or not. I believe that inactivity sensing may be a feature of the OS, and not necessarily of our solution.
Response: If you’re using the automated login scripts, I know that if you close the Window or exit, the solution will prompt you to ask if you will check-it back in. Is this what you want, or do you want the account to still be checked out?
Response: Can you please explain this. I do not understand what you’re asking for.
Peter Paul M Ifurung
Thanks for your feedback .... answering your responses ..
Yes they have the automated login script enable...
Comment: Exactly , when the solution prompts to ask if you check in or not the session , if you chose the option: yes , the solution is not "check in" the account , the privileged account still have in use to the requester, so, the client wants to know if the upgrade corrects this behaivor...
Comment: Yes sure.. if you are using an account via break glass process , this privilaged account it would be exclusive for who requested it , i mean , nobody can check out this account , meanwhile the account is "check out" via the break glass.