Iraje PAM Auto Change Password manual version 8

Introduction

Auto Change Password (ACP) is used for changing password for Target Devices. Changing passwords regularly for target devices reduces the risk of breaching into the system.

Benefits of changing password regularly

  • Limits breaches to multiple accounts

  • Prevents constant access

  • Prevents use of saved passwords

  • Limits access gained by keystroke loggers

Purpose

This manual will help the users get familiar with the Iraje PAM application and how to use it effectively in their environment.

Target Audience

Admins Using Iraje PAM

Auto Change Password

Auto Change Password for target device can be performed at real time as well as it can be scheduled. Auto Change Password is usually performed to frequently change password of target devices to maintain security. Also, Auto Change Password should be scheduled to prevent password expiry on the target device. The passwords set by Auto Change Password process in Iraje PAM are all algorithm generated, strong and vaulted.

Auto Change Password is performed on groups. It can be a single or multiple group with connections configured in it.

There are two ways to perform Auto Change Password on devices in PAM

  • Scheduled Based

  • Manually

Auto change password (Scheduled Based)

    Step 1: Open PAM dashboard and click on ‘Access Control Manager’

    Step 2: Click on ‘Directory Access’.

    Step 3: Choose ‘Admin’ group and click on ‘Connect’ button. This group is accessed by Super Admins only.

    Step 4: ‘Admin Options’ are only accessible from ‘Admin’ group. Through Admin Options PAM admins enable ACP (Auto Change Password) by configuring options

    Step 5: In Admin Options, enable Auto Change Password checkbox

    Step 6: Go to ‘Maintain Group’ option.

    Step 7: Select group on which you want to schedule Auto change password process

Access Control Manager → Configure ACM →ACM Password Security Manager→ Password Console
PAM admins can see the status of Auto Change Password process by following the below steps:

    Step 1: Go to the Group in which Auto Change Password is enabled from ‘Directory Access’

    Step 2: Select Connection Manager from ACM toolbar

    Step 3: Click on ‘ACM Password Security Manager’ Button at the bottom of ‘ACM Configuration and Setup’

    Step 4: Select Authorize Change Password from below for Manual ‘Auto Change Password’

    Step 5: Provide maker-checker Admin approvals for performing Auto Change Password

Here Change Password is initiated. Status for running Change Password at real time can be viewed in Password Console. This Status tells if the Change Password for devices succeeded or failed. Device status can be checked from Password Enforcement Reports in the Report Module of the PAM dashboard.