Markus Weiss-Ehlers : You have shown us a nice presentation about secure configuration for IdentityManager onprem on the UNITE in Madrid.
We have done some security improvements meanwhile.
One is that the FatClients are connected to the AppServer.
So, we don't have to give the user the wide DB Access as they need in the past, when they connected directly to the DB.
For JobQueueInfo it's still only the direct DBConnection since it won't work over AppServer. The same for DBCompile, ...
You have shown us the use cases:
UC1: RDP (for database connection) to the dedicated server
UC2: RDP Application (for database connection) from the dedicated server
UC3: RDP Application (for database connection) with login to tools from the dedicated server
Now I'm wondering how I have to apply that for our Citrix and Cyberark enviroment.
How could the DB Connection secured windows integrated by one account, where as the actual user is authenticated by its own windows account.
Is there any paper, giving me more advice on that topic?
Patrick
btw. we are running 9.2