Use Host Credential Rules

Use credential rules to apply default credentials to hosts either directly or using a range of IP addresses. When a credential rule is applied to a host, administrators no longer need to enter a user name / password credential; instead, the system evaluates the rules and applies a rule to the host.

There are two types of rules: host and network.

Multiple rules can apply to a single host. In terms of rule precedence, a host specific rule (bound by host ID) is used in preference to all others rules that might be applied to that host.

For either host or network rules, a privilege escalation method can be saved with the authentication credential. Actions that require elevated privilege take advantage of this saved method. Applying delegation to a host is optional.

Credentials must already be created on the Credentials page so they are available to select when creating a rule.

For more information, please see Manage Credentials in BeyondInsight for Unix & Linux.

One-click Actions

Using default credentials enables one-click actions; you can select an action on a host without entering a user name and password. Running a host profile is an example of an action that can be selected without providing the host credential.

For more information, please see Profile Host with Default Credentials.

Add a Network Credential Rule

A network credential rule applies to an IP range added using CIDR notation.

  1. Go to the Hosts page, and then select Credential Rules.
  2. Select Network Rules.
  3. Click Add New Credential Rule.
  4. Enter the IP address range following the CIDR notation format. For example, 10.100.1.0/24.
  5. Select a logon credential from the list.
  6. Select a delegation strategy and corresponding credential.
  7. Click Create Credential Rule.

Add a Host Credential Rule

A host credential rule applies to specific hosts. Add the host name or IP address of the host. A credential rule is created for each host. A host using a default credential configured does not require a credential when running actions.

  1. Go to the Hosts page, and then select Credential Rules.
  2. Select Host Rules.
  3. Click Create New Credential Rule.
  4. Search for hosts using either host name or IP address filters.
  5. Select a login credential from the list.
  6. Select a delegation strategy and corresponding credential.
  7. Click Create Credential Rule.

Delete a Credential Rule

You can delete a credential rule when it is no longer required.

  1. Go to the Hosts page, and then select Credential Rules.
  2. Select the tab for the credential rule type .
  3. Select the rule, and then click Delete Credential Rule.

If you remove a credential from the Host Credentials page, then any credential rules using that credential are also deleted.

View Credential Rules on a Host

You can view a list of all credential rules assigned to a host on the Host Details page. You can also create and change the host rule. Only one host rule is permitted for a host.

For more information, please see View Host Details.