Linking Credentials to Managed Computers

After you have created a credential for a managed computer (a computer that EmpowerID has inventoried), you can link that credential to one or more computers. Once a computer credential has been linked to a specific computer, users can request access to the computer using those credentials.

When users request access to a computer, EmpowerID routes those requests to the Access Manager or owner of the computer credential. If approved, users check out the credentials, which initiates an RDP or SSH session to the computer using EmpowerID's Privileged Session Manager. Privileged Session Manager provides a number of features that gives administrators the ability to monitor, review and terminate session activity when necessary. To use EmpowerID's Privileged Session Manager in your environment, there are a number of configuration tasks you must complete. For information, see Configuring Privileged Session Manager.
For information on linking computer credentials to all computers in a managed domain, see Linking Credentials to Domains.

To link credentials to managed computers

  1. From the Navigation Sidebar of the EmpowerID Web interface, navigate to the Computers find page by expanding Resources and clicking Computers.
  2. From the Computer find page, click the All Computer Credentials tab and then search for the computer credential you want to link to a computer.
  3. Click the Display Name link.
  4. This directs you to the View One page for the credential. View One pages allow you to view information about a resource in EmpowerID and manage that resource as needed.
  5. From the View One page, click the Computers accordion to expand it and then click the Add Computer button in the grid.
  6. In the dialog that appears, type the name of the computer in the Computer field and then click the tile for that computer to select it.
  7. Click Save to save your selection and close the dialog. If the computer linked to credential is in the IT Shop, users with access to the IT Shop can request Login Session Access to the computer. If the computer is not in the IT Shop, at a minimum, users must have the Computer PAM User Full Access Management Role.
When users request access to a computer, EmpowerID routes those requests to the Access Manager or owner of the computer credential for approval. If approved, users check out the credentials, which initiates an RDP or SSH session to the computer using EmpowerID's Privileged Session Manager. To use EmpowerID's Privileged Session Manager in your environment, there are a number of configuration tasks that need to be completed. For information, see Configuring Privileged Session Management.