
Overview of import rules and auto discovery process

The general procedure for using import rules and discovered objects is as follows:

  1. Configure managed system policies.

  2. (Push-mode only) Define at least one source system.

    Currently, computer object discovery is supported for Active Directory target systems. Account discovery is supported for Active Directory and Windows servers and workstations.

  3. Configure discovery templates to manage discovered systems.

    Discovery templates are used to specify settings for new target systems that are created from discovered server and workstation objects.

    This is not required for discovered accounts.

  4. Discover unmanaged objects.

    • For push mode, run auto discovery. This process may take several hours. To test the listing only, run the command psupdate.exe -targetdiscovered -list -no-plugins from the util directory.

    • For local service mode, install the Privileged Access Manager Local Workstation Service (hipamlws) on applicable systems and allow it to contact the Bravura Security Fabric server for the first time.

  5. Manage discovered systems.

    Discovered systems require a corresponding managed system before Bravura Security Fabric is able to connect to them. You can manage discovered systems manually, or by using target system import rules.

  6. Add managed discovered systems to managed system policies.

    You can define managed system policy members manually, or by using managed system import rules.

  7. Manage accounts.

    Determine which accounts to manage on the managed system. You can manage accounts within a managed system policy manually, using a plugin or PSLang expression, or by using managed account import rules.

    Managed account import rules are only applied to discovered accounts that are found using target system discovery options.

Push mode discovery and management flow

The following flow diagram illustrates the typical discovery and management process for push-mode systems.

[Figure: push-discovery-flow]