Privilege Management Console Access Settings
The following settings are available from the Administration > Access Settings page:
- Setup Information
- Remote access settings
- Policy deployment settings
- Agent installation keys
- Azure AD settings
There is also an Access Settings tile on the dashboard.
The Setup Information pane provides installation details for the following components:
- Privilege Management for Windows
- Privilege Management for Mac
- Windows Adapter
- Mac Adapter
- MMC Snap-in
For more information about these topics, please see Privilege Management Console QuickStart.
Set remote access to allow communication from the MMC snap-in to PMC.
You need to configure PMC to allow the Privilege Management MMC snap-in to communicate with the PMC services.
- Click Administration > Settings > Remote Access Settings from the top menu.
- Check the Enable remote MMC client access box. You need to generate a new GUID and enter it here.
Click the refresh button to create a new GUID.Use the same GUID when you configure the MMC. This is the MMC Client ID in the MMC.
- Click Save Changes.
Policy Deployment Settings
Go to Administration > Access Settings to choose to deploy the policy automatically or manually to your computers.
If you select automatic deployment, you do not need to do anything else to deploy a policy that is assigned to a group containing computers.
If you select manual deployment, there are two additional options when you right-click one or more computers in the Computers grid. These settings allow you to deploy to the selected computers or all computers.
Agent Installation Keys
Use the following procedure to configure the communication to your Azure AD instance. This requires an application registration in the Azure portal.
For more information on registering an application in Azure, please see Register an Azure Tenant
- To access Azure AD settings, click Administration > Access Settings.
- Select Enable Azure AD Integration.
- Enter the Authority Tenant ID and Application Client ID. The IDs can be found in your Azure portal application registration > Overview.
- Select one of the following:
- Use Certificate Authentication: Click Download Certificate. If you select this option, you must upload the certificate in the Azure AD portal. We recommend using certificate authentication which is the more secure authentication method. In the Azure portal for app registrations, go to the Certificates & secrets page to upload the certificate generated here.
- Use Client-Secret Authentication: Enter the client secret. The client secret is generated in the Azure portal for app registrations. In the portal, go to the Certificates & secrets page to generate a client secret.
- Click Save Changes.
- Click Validate Settings. Click to test your configuration. When successful, validates the portal can successfully connect to and call the Microsoft Graph API for the configured Azure AD instance.
View Diagnostics Metrics
- API Connection
- Tenant Id
- ER Database Version
To access the Diagnostics pane, click Administration > Access Settings.