08/23/2023 11:17 AM
Both Windows and Linux accounts are getting PAM-enabled, and we have added an accountVisibilityConfig that maps to customproperty55 for particular accounts.
customproperty55 is being updated on the Linux accounts but not on the Windows accounts.
Can anyone check and confirm whether this approach is right?
Below are the on-prem connection details (sensitive values have been replaced with REMOVED):
{
"Connection": "On-Premise",
"encryptionMechanism": "ENCRYPTED",
"EVQuery": "ev.customproperty40='PAM_BOOTSTRAP'",
"WINDOWS": {
"defaultCredentialConnection": {
"connectionName": "Windows_Master_Connection",
"changeConnectionCredentials": false,
"MSConnectorVersion": "WINDOWS/1.0"
},
"defaultSecuritySystemDetails": {
"securitySystemName": "new",
"workflow": "Privilege Access Auto Approved",
"passwordPolicy": "REMOVED"
},
"shareableAccounts": {
"IDQueryCredentials": "acc.name in ('REMOVED')",
"IDQueryCredentialless": "acc.name in ('REMVOED')",
"IDQueryDomainCredentialless": "acc.name in ('REMOVED','REMOVED')",
"IDQueryDomainCredentials": "acc.name in ('')"
},
"processADAccount": "true",
"sAMAccountNameColumnMapping": "name",
"reconciledAccountAction": "NONE",
"domainConnections": "Active Directory Accounts",
"maxCredSessionRequestTime": "14400",
"maxCredlessSessionRequestTime": "14400",
"maxIDRequestableTime": "604800",
"skipOpenPorts": "true",
"endpointAttributeMappings": [{
"column": "accessquery",
"value": "where users.USERNAME is not null",
"feature": "endpointAccessQuery"
},
{
"column": "allowChangePassword_sqlquery",
"value": "AC.ACCOUNTTYPE != 'REMOVED'",
"feature": "allowChangepasswordquery"
},
{
"column": "customproperty43",
"value": "PAMDefaultUserAccountAccessControl",
"feature": "accountVisibilityControl"
}
],
"endpointPamConfig": {
"maxInActiveTimeInSec": "181",
"maxReqExpWarnPeriodInSec": "901",
"maxSessionLimitInSec": "28801",
"maxInActiveWarnPeriodInSec": "61",
"maxConcurrentSession": "10",
"maxSessionWarnPeriodInSec": "1801"
},
"accountVisibilityConfig": {
"accountCustomProperty": "customproperty55",
"accountMappingConfig": [{
"accountPattern": "REMOVED",
"mappingData": "roletest1",
"override": "false"
},
{
"accountPattern": "cpamuser1,cpamuser2",
"mappingData": "roletest2",
"override": "false"
}
]
}
},
"UNIX": {
"defaultCredentialConnection": {
"changeConnectionCredentials": false,
"connectionName": "LinuxMaster"
},
"defaultSecuritySystemDetails": {
"securitySystemName": "new",
"workflow": "Privilege Access Auto Approved",
"passwordPolicy": "REMOVED"
},
"actions": {
"restricted": "yum,sudo,visudo,apt,install,iptables,rm,mkfs,alias,ssh,telnet,scp,kill,shutdown,passwd,cron,traceroute",
"risky": {
"high": "file,wget,scp,curl,df,chmod,chown,echo,exit,uname,netstat",
"medium": "cat,vi,touch,find,history,awk,grep"
}
},
"shareableAccounts": {
"IDQueryCredentialless": "acc.name in ('REMOVED')",
"IDQueryCredentials": "acc.name in ('REMOVED')"
},
"maxCredSessionRequestTime": "14400",
"maxCredlessSessionRequestTime": "14000",
"maxIDRequestableTime": "604800",
"skipOpenPorts": "true",
"skipPushKeys": "false",
"endpointAttributeMappings": [{
"column": "accessquery",
"value": "where users.USERNAME is not null",
"feature": "endpointAccessQuery"
},
{
"column": "allowChangePassword_sqlquery",
"value": "AC.ACCOUNTTYPE != 'REMOVED'",
"feature": "allowChangepasswordquery"
},
{
"column": "customproperty43",
"value": "PAMDefaultUserAccountAccessControl",
"feature": "accountVisibilityControl"
}
],
"endpointPamConfig": {
"maxConcurrentSession": "100"
},
"accountVisibilityConfig": {
"accountCustomProperty": "customproperty55",
"accountMappingConfig": [{
"accountPattern": "cpam_credentials",
"mappingData": "roletest1",
"override": "false"
},
{
"accountPattern": "cpamuser1,cpamuser2",
"mappingData": "roletest2",
"override": "false"
}
]
}
}
}
08/24/2023 03:33 PM
It seems this bug was fixed in v23.7, per the Release Notes v23.7 (saviyntcloud.com).