Privileged Access Manager Service (idarch)
The Privileged Access Manager Service is installed on each Bravura Privilege replicated server and is responsible for:
Controlling remote password resets for push-mode managed system policies.
Monitoring the status of checked out passwords on both push and local service mode managed system policies.
The service is automatically installed on the Bravura Security Fabric server, but not started, during setup. Note the service ID listed on the Privileged Access Manager Service configuration page. You use this to identify the service to use when configuring push-mode resources groups.
Dependencies / requirements
The Privileged Access Manager Service is dependent on the Database Service . If you restart the database service, you must restart the Transaction Monitor Service.
Configuration
You can modify the following parameters related to this service on the Service information page:
Option | Description |
|---|---|
Minutes to wait to re-check database | This is the polling period used by the service to check the database for configuration changes, and determines when failed password randomizations should be retried. This value is also used to bound the time interval that the service waits before it connects to the database after it is started or restarted. The wait time is a random period of time between 0 and this value. |
Warning
Avoid setting a poll time that would leave a long interval between the password expiry time, as set by the RESOURCE PASSWORD CHANGE INTERVAL , and the poll time. This could lead to an expired password not being changed in a timely fashion.
Command-line options for idarch are listed below:
Argument | Description |
|---|---|
-h | Displays usage information. |
-v | Displays version number only. |
-Poll <polltime> | Sets the polling period, as described in Table idarch service options. |
-SvcID <serviceID> | Unique ID used to map managed system policies to the service. |
-config | Displays service configuration information. |
-server | Run the service in server mode. |
-start | Starts the service. |
-stop | Stops the server/service |