Idea Details

CA PAM, Workflow for Access/Session Managment.

Last activity 10-30-2017 06:35 AM
AsifShaikh's profile image
06-06-2016 07:48 AM

Currently CA PAM Provides Workflow process inbuilt for password view, but it lacks Workflow functionality for provisioning Access to Devices. It is a manual process of approval and provisioning, It delays the on boarding and provisioning process.

It will be great if Product team can incorporate Session management as part of Workflow.

 

This is how Session management work flow will look like,

 

1) User will login to PAM portal using his normal account.

2) He will have option to request access to servers workflow.

3) Workflow screen will be presented to user requesting details like (Target Device/privilege account name and time frame of access etc)

3) After user submits, It will go for approval to the owner of the Target Device,

4) Once approved PAM admin will see a notification in the Dashboard/email.

5) PAM admin will provision access to the user.


Comments

10-30-2017 06:35 AM

Hi,

 

I think it would be interesting to be able to request access for another user. 

I understand this is feasible adding CA Identity Suite into the picture, but I believe enhancing the Workflow functionality to achive delegated privileged access request would be an asset into the inbuilt Workflow.

 

rgds

08-31-2016 01:17 AM

Currently there is no builtin Workflow mechanism. Device provisioning is an offline or back end configuration done by pam admin.

08-30-2016 10:46 PM

Isn't this currently already part of the user experience?