Skip to main content

Adding target system administrators

To add a target system administrator for a target system:

  1. Navigate to the target system’s Administrator credentials page (Manage the System > Resources > Target systems> [Manually defined | Automatically discovered] > < Target system > ).

  2. Type the target system administrator ’s login ID in the Administrator ID field. These credentials will be used to connect to the remote agent.

  3. Type the account password in the Password and Confirm password fields.

  4. If you want to enable the target system administrator to run Bravura Security Fabric processes on the Bravura Security Fabric server, select the Run as? checkbox.

    By default, all connectors run the Bravura Security Fabric processes on the Bravura Security Fabric server as the local psadmin account. See Connector Pack documentation for information about a particular system.

    Any target system administrative credential used for the Run as? option must be part of the local Administrator group on the target system.

  5. If the account is a special-purpose system ID (required on certain systems), select the System password checkbox.

  6. If the target system is administered remotely , and if the target system administrator’s password is managed by Bravura Security Fabric , set the:

    • Managed system to the ID of the managed system where the target system administrator’s password is being managed.

    • Account ID to the login ID of the target system administrator.

      The account ID and administrator ID should be the same.

  7. If the target system is imported into Bravura Security Fabric , then the credentials could be randomized by a managed system policy. To keep the target system credentials synchronized with the password for the managed account:

    1. Select the Updated by Bravura Privilege Privilege? checkbox.

    2. Click the Select select-icon.png icon under Get credential from Bravura Privilege to link the matching credentials from the list of managed accounts. You must have ”Access” permission to the credentials you want to use here.

  8. Click Update.

    Note

    If the target system’s administrator credentials are from a domain account, then Bravura Security Fabric attempts to verify them on the target system. If they do not pass verification, then these administrator credentials are not added for the target system.

Additional target system administrators

You can define multiple target system administrators so that if Bravura Security Fabric cannot log into the target system with the current target system administrator account, because of target system operation locking, the credentials of the next target system administrator in the list are used. You can also define additional target system administrators if Bravura Security Fabric requires a special system ID and password to connect to the target system.

Any additional target system administrator’s credentials must be defined first under the target system’s local Administrator group before they are used.

System password

Some systems require that you supply different login IDs to access different parts of the system. For example, on system XYZ, sysadmin may have administrative access to the database backend and sysuser2 may have connect privileges for the system front end. Using this example, you would select the System password checkbox for sysuser2 .

Check the Connector Pack documentation to determine whether system credentials apply to a particular target system.

Remotely administered target systems

A target system is remotely administered if its credentials are stored on an external source; for example, a Cisco router that stores its credentials on an Active Directory domain.

You can link the account credentials from the external source, such as an Active Directory DN target, so that Bravura Privilege can update the target system administrator ’s password when the source password is randomized.

To allow Bravura Privilege to remotely administer target systems, the TARGET CREDENTIAL ASSOCIATION system variable must be enabled in the Manage the system > Modules> Options menu. By default, this system variable is enabled.

From the target system credentials page, click the Select select-icon.png icon under Get credential from Bravura Privilege to select from the list of managed accounts. You must have ”Access” permission to the credentials you want to use here.

See also

In this section: