Retrieve Accounts

Configure the Account Retrieval Form

The Account Retrieval Form enables you to specify information that is required before you can access accounts that meet the following requirements:

  • A reason for accessing the account must be specified.

  • A ticketing system is integrated with the PVWA and users must specify the ticketing system information.

  • Authorized users must confirm users’ requests to access accounts.

  • Connection details are required in order to log onto a remote device transparently with Privileged SSO.

The following parameters, in the Privileged Account Request section of the Web Access Options, define the account retrieval form.

For details about configuring parameters that define dual control, see Dual Control.

Split Password Mode

The following platform parameters enable Split Password mode, and determine which users will be able to see the first half of a password, and which users will be able to see the second half.

Just in Time Access (JIT) to Target Machines

Users can get access to target machines for Windows accounts for a predefined timeframe, after which it is automatically rescinded. During the access period, users can access the target machine using their own Windows Domain credentials and any tools.

Users require the following permissions in the Safe where the Windows account is stored:

  • List accounts

  • Use password