Symantec Privileged Access Management

  • Private Community

  • 1.  How to display User Target info for unix targets in session recording viewer?

    Posted May 24, 2017 01:58 PM
      |   view attached

    Hi there!

     

    We have recently aquired CA PAM 2.8.2 and I would like to know if it needs a special configuration to display the target user info in the Session Recording for Unix accounts. We hadn't make any additional configuration to display that info in the Windows targets, but actually we can't see the Target user account when watching session recordings.

     

    Thanks in advance



  • 2.  Re: How to display User Target info for unix targets in session recording viewer?

    Broadcom Employee
    Posted May 25, 2017 11:04 AM

    I am a little confused as to why you are seeing USER and DOMAIN fields for an SSH recording. These 2 fields are used for RDP recordings but I do not believe those fields should even appear. are you seeing these fields on all your SSH recordings?



  • 3.  Re: How to display User Target info for unix targets in session recording viewer?

    Posted May 25, 2017 03:31 PM

    Hi,

    Thanks for your reply, 

    Just to clarify, what i'm tying to record is the target account (privileged account for connect to the target server) for the Unix ssh connection. We connect using putty (tcp service) and also ssh applet. 



  • 4.  Re: How to display User Target info for unix targets in session recording viewer?

    Broadcom Employee
    Posted May 25, 2017 12:03 PM

    Hi Alberto, You must be using a TCP/UDP service rather than the built-in SSH applet, which wouldn't have the USER and DOMAIN fields like Joe mentioned. They are populated for me with 2.8.2, with our without auto-logon, using a Linux target device. If there is no auto-logon and I have to provide username and password, it will take a few seconds before the fields are populated. What SSH client are you launching, how is it configured, and what type of target device are you connecting to?



  • 5.  Re: How to display User Target info for unix targets in session recording viewer?

    Posted May 25, 2017 05:00 PM

    Hi

    We are using the auto-logon to connect via SSH to AIX environment. I have tried with no auto-logon but in the session recording we can't see the Target account. Is there something am i missing?



  • 6.  Re: How to display User Target info for unix targets in session recording viewer?
    Best Answer

    Broadcom Employee
    Posted May 25, 2017 06:45 PM

    Hi Alberto, I observe the same problem when connecting to an AIX target device. Please open a support case, it looks like this needs to be fixed.



  • 7.  Re: How to display User Target info for unix targets in session recording viewer?

    Broadcom Employee
    Posted May 25, 2017 07:00 PM

    By the way, you can use the "View Password Requests” report available from "Reports > Run” on the Password Management UI to find out which account was used to logon to the session. Also, the SSH built-in applet writes a different type of recording, and you won't see those fields when you play back such a recording. That is just how it works now.



  • 8.  Re: How to display User Target info for unix targets in session recording viewer?

    Posted May 25, 2017 08:56 PM

    I tested built-in SSH applet against AIX 6 and CentOS with PAM 2.7 and 2.8.2. User info for both are not displayed.



  • 9.  Re: How to display User Target info for unix targets in session recording viewer?

    Broadcom Employee
    Posted May 25, 2017 09:38 PM

    Right, that's what I stated above.