Enabling managed system policies
Push mode and local service mode policies must be managed by a Bravura Privilege service in order to manage passwords or group membership. Push mode policies must be managed by a Bravura Privilege service in order to manage passwords.
You must update default policies to bind them to a service. On the Managed system policy information page, choose a Service ID from the Managed by drop-down menu on the Managed system policy information page, then click Update.
Once managed system policies are managed by a service, you must do the following:
Defining managed accounts to determine which passwords Bravura Privilege will manage on member systems.
Defining group sets to determine which groups Bravura Privilege will grant temporary access to on member systems.
Attaching authorizers to managed system policies to allow users to request access on member systems. to be handled by the authorization workflow system.
Defining access disclosure plugins to determine how Bravura Privilege provides users with access to a managed account.
Enabling and disabling randomization and check-outs
Users can only check out the password for accounts belonging to a managed system policy once the accounts’ passwords have been randomized. You can either wait for the managing service to poll the system, or randomize password immediately to have the policy take effect.
Account passwords do not need to be randomized to check out accounts using SSH key authentication.
You can temporarily disable randomization at any time, which also checks in and blocks check-outs unless you specify that check-outs are allowed.