Add personal privileged accounts

This topic describes how to independently add personal privileged accounts.

Personal privileged accounts must be enabled by your Privilege Cloud administrator.

What are personal privileged accounts?

A personal privileged account is a private account that you create to securely access any target in your domain. The advantage of a personal privileged account is that while your Privilege Cloud admin configures the platform and the associated password management mechanism (CPM), you can create your own personal privileged account.

After you have created a personal privileged account, you can:

  • Connect to the target

  • View and retrieve the account password

  • Verify and reconcile passwords

Add personal privileged accounts

  1. In the Accounts View page, click Add personal privileged account.

    If you have permission to add accounts, a different menu is displayed. Click the Add account drop down, and click Add personal privileged account.

  2. In the Add personal privileged account page, enter the target address and credentials and other required information.

    The account mandatory fields depend on the selected platform.

    The following table presents sample files that may appear, and what details should be entered for a Windows domain account:

    Field Description Example (Windows domain account)
    Address Enter the address of the target machine. You can enter the IP address, Windows domain, DNS, or machine name. Domain controller name
    User name The user name used to log in to the target machine. The account name in the domain

    Password

    The password used to log in to the target machine.

     

    Confirm password

    Re-enter the password.

     
    Account name The display name, automatically created for the account. Can optionally be edited.  

  3. Click Add. The account is added in the Accounts list and is registered in the CPM for verification.

    During the verification interval you can connect to the new defined account, and can show and copy the password.

    After the account is verified successfully, additional actions such as verify and reconcile password are available.

Check the account verification status

The time required to verify an account is defined in the policy managed by your system administrator. You can check the status of the account in the Overview tab.

  1. In the Accounts View page, click the row of the personal privileged account.

  2. In the Overview tab, check the verification status:
    In Activities, check the CPM verification is completed successfully.

    In Last Verified, check the date of the last verification.

Edit personal privileged accounts

When you edit a personal privileged account, your account is disabled until it is successfully verified by the CPM. A message is displayed when your personal privileged account is verified.

To edit a personal privileged account:

  1. In the Accounts View page, select the personal privileged account and click More options > Edit.

  2. In the Edit personal privileged account page, edit the fields you want to modify.

    It is recommended not to modify the original account name.

  3. Click Save.

Troubleshooting

Issue: Wrong password entered

If you entered the wrong password, perform one of the following troubleshooting steps:

  • Delete this account and create a new personal privileged account.

    or

  • Wait for the next verification failure of the CPM and then perform the following steps:

    • Click the Overview tab, and in the Compliance Status window click Change.

    • Select the Change only in the vault action and enter a new password. The change takes effect in the next CPM verification.