Privilege Management Console Access Settings

The following settings are available from the Administration > Access Settings page:

  • Setup Information
  • Remote access settings
  • Policy deployment settings
  • Agent installation keys
  • Diagnostics
  • Azure AD settings

There is also an Access Settings tile on the dashboard.

Setup Information

The Setup Information pane provides installation details for the following components:

  • Privilege Management for Windows
  • Privilege Management for Mac
  • Windows Adapter
  • Mac Adapter
  • MMC Snap-in

For more information about these topics, please see Privilege Management Console QuickStart.

Remote Access Settings

Set remote access to allow communication from the MMC snap-in to PMC.

You need to configure PMC to allow the Privilege Management MMC snap-in to communicate with the PMC services.

  1. Click Administration > Settings > Remote Access Settings from the top menu.

The MMC Client ID GUID must match the GUID you enter in the MMC connection.

  1. Check the Enable remote MMC client access box. You need to generate a new GUID and enter it here. Click the refresh button to create a new GUID. Use the same GUID when you configure the MMC. This is the MMC Client ID in the MMC.
  1. Click Save Changes.

 

Policy Deployment Settings

Go to Administration > Access Settings to choose to deploy the policy automatically or manually to your computers.

If you select automatic deployment, you do not need to do anything else to deploy a policy that is assigned to a group containing computers.

In PM Cloud, you can choose to automatically or manually deploy a policy to computers.

If you select manual deployment, there are two additional options when you right-click one or more computers in the Computers grid. These settings allow you to deploy to the selected computers or all computers.

 

Agent Installation Keys

This pane contains the Installation ID and Installation Key GUIDs that are required to connect computers to PMC. You can create new installation IDs and installation keys here and delete them if required. Once you revoke an installation key, you don't need to reinstall adapters that have been authorized - only pending ones.

For more information on how these fields are used, please see the following:

Azure AD Settings

Use the following procedure to configure the communication to your Azure AD instance. This requires an application registration in the Azure portal.

For more information on registering an application in Azure, please see Register an Azure Tenant

  1. To access Azure AD settings, click Administration > Access Settings.
  2. Select Enable Azure AD Integration.
  3. Enter the Authority Tenant ID and Application Client ID. The IDs can be found in your Azure portal application registration > Overview.
  4. Select one of the following:
    • Use Certificate Authentication: Click Download Certificate. If you select this option, you must upload the certificate in the Azure AD portal. We recommend using certificate authentication which is the more secure authentication method. In the Azure portal for app registrations, go to the Certificates & secrets page to upload the certificate generated here.
    • Use Client-Secret Authentication: Enter the client secret. The client secret is generated in the Azure portal for app registrations. In the portal, go to the Certificates & secrets page to generate a client secret.
  1. Click Save Changes.
  2. Click Validate Settings. Click to test your configuration. When successful, validates the portal can successfully connect to and call the Microsoft Graph API for the configured Azure AD instance.

View Diagnostics Metrics

The Diagnostics pane allows you to view various diagnostics for PMC, including:

  • Version
  • API Connection
  • User
  • Tenant Id
  • ER Database Version
  • ServerURI

To access the Diagnostics pane, click Administration > Access Settings.