Symantec Privileged Access Management

 View Only

  • 1.  That sensitive huh?

    Posted May 10, 2019 11:21 AM

    The product is still "case sensitive" in some respects / functions.

     

    Two examples i can think of:

    Target Account -> Application Name field is case sensitive. If you try to type in "myappname" into that field but it's really in the system in all caps MYAPPNAME or mixed caps MyAppName... the context search doesn't find it.  

     

     

    Policy Import CSV -> Account Names are case sensitive: If, in the Targets or Applets columns, you specify

    tap=my-appname tac=MYACCOUNTNAME but the target account name is in the system in lowercase or mixed case, the Policy import doesn't find it. 

     

    any way to get around this annoyance - when you're importing many policies via CSV it's really impractical to expect an admin to know the exact case of every single target account.



  • 2.  Re: That sensitive huh?

    Broadcom Employee
    Posted May 10, 2019 03:24 PM

    Sebastiano

     

    While I have to agree with the complexity it creates I do have to wonder if making this case insensitive would reduce the functionality. Since this is case sensitive you can have target applications with the same name in different cases. If we made this case insensitive this would not be possible. Is there a good use case to have such a need? I am not sure but I would think that would need to be vetted amongst the existing client base to be sure we didn't make a change and have it break someone's current system.

     

    I think this is a good topic for further discussion. I wonder what others think?

     

    Joe Lutz



  • 3.  Re: That sensitive huh?

    Posted May 10, 2019 03:56 PM

    Thanks Joseph. I see your points.

     

    I understand the argument for unix accounts - root is not the same as ROOT or RooT or RoOt, fair enough. I can also appreciate that having that same capability around application names may be valuable to some. That said, I would be interested in understanding the use cases behind differentiating application names by letter case rather than different words.

     

    Other thoughts: it doesn't help that the policy import error dialogue doesn't allow you to export / copy that list of errors. It could also be a little more detailed. In the above screenshot, that list actually went on 20 or 30 lines. but I can't copy that content.

     

    It would be nice if the error dialogue box regurgitated the problematic CSV lines and we had context copy/paste capability in that dialogue window; I think that would go a long way.

     

    Looking forward to input from other's.

     

    thanks again.