Configure PAM session servers

Definition

Soffid provides the functionality that allows you to configure the Jump servers. That option is located on

Main Menu > Administration > Configure Soffid > Security settings > Configure PAM session servers

To configure that functionality is mandatory to install PAM following the instructions of the PAM installation page.

A Jump server is the control point that forces users to log into that system first, then, they could traverse to other servers without having to log in again. The purpose of a jump server is to be the only gateway for access to your infrastructure reducing the size of any potential attack surface.

For correct configuration, you must first create a PAM server group and then publish the store service and any available jump servers within it.

Screen overview

 

Related objects

• soffid-pam-storeNetwork discovery : storagewhen the servers are discovered and created in Soffid
• Agents : each server containerwill have its own agent
• soffid-pam-launcherPassword vault : launcher containeraccount published in PAM
  
• PAM policies :  the PAM policies contains and configure the PAM rules
• PAM rules : PAM rules used in the PAM policies
  
• Search in PAM recordings : to search and watch recorded sessions
• Access logs : to search and watch recorded sessions

Standard attributes

Table attributes

• Group name: name to identify the configuration. 
• Description: a brief description.
• Storage data: URL of the storage service.

Details atributes

• Group name: name to identify the configuration. 
• Description: a brief description.
• User name: user name given at installation of PAMPAM.
• Password: password given at installation of PAM.
• URL: URL of the storage.storage The default port is 8081.service.
• Jump servers: list of URL jump servers. A URL of each jump server. The default port is 8082.

Actions

Table actions

Add new

Allows you to add a new configuration ofPAM PAM.server  You can choose that option by clicking the add button (+).group. You must fill in all the attributes to save a new configuration.

Detail actions

Apply changes (disk button)	Allows you to create a new configuration PAM or to update an existing one. You must fill in all the attributes to save a new configuration.
Delete PAM server group	Allows you to delete one or more configurationthe PAM registers,server you must select one or more records from the list and click the button with the subtraction symbol (-).group. To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.
Undo	Allows you to quit without applying any changes made.
Apply chanageschanges	Allows you to create a new configuration PAM or to update an existing one. To save the data it will be mandatory to fill in the required fields. Also, the password and user name should be correct to connect.
Undo	Allows you to quit without applying any changes made.