Configure RED IM for Integration with BeyondTrust Privileged Remote Access
You must purchase this integration separately from both your BeyondTrust software and your RED IM solution. For more information, contact BeyondTrust sales.
The integration requires minimal setup within RED IM and should work with your existing data as it stands. The two main requirements are a delegation identity that can impersonate RED IM web users and the installation of the RED IM SDK Web Services.
- Under Delegation > Web Application Identity Impersonation Mappings, select Create Mapping.
- If an identity already exists that you would like to use for the integration, select it and skip to step 3 below. Otherwise, continue with the following steps:
- Click Add Identity and select Explicit Identity.
- Enter the desired username and password, and then click OK.
- Select the desired identity and click OK.
- Select the identities or roles the above user should be able to impersonate, and then click OK.
- Verify the new mappings, and then click OK to close the dialog.
If configuring the integration to auto-spin passwords upon check-in, the above account requires the All Access permission. If you are not using this feature, you can skip the steps listed below.
- Go to Delegation > Web Application Global Delegation Permissions.
- Add the All Access permission.
- Select the identities or groups on the left to assign the permission to that identity or group.
- Check the Ignore Password Checkout box.
- Click OK.
This permission allows users to retrieve and inject credentials regardless of whether the credential is checked out to a different user in the RED IM web application. It only affects the programmatic access to checked out credentials and does not allow them to check out a credential in the web application when in use by another user.
RED IM SDK Web Services
Please consult the RED IM Admin Guide for instructions on installing and enabling the SDK Web Services. In newer versions of RED IM, the SDK Web Services can be enabled directly from the RED IM console in the Manage Web Appliance section.