[MUSIC PLAYING] In this video, we're going to go ahead and add a Linux system to PAM Essentials. I'm going to log into OneLogin and go to the PAM Admin tile. This is going to bring me to the Admin Interface. First, I'm going to go to Configuration, and I will go to Infrastructure Assets. I'm going to first add an asset group for Linux Systems.
Once that group has been created in here, I can then go ahead and add an asset to the group by clicking on Add Manually. I'm going to name the asset accordingly, and I'm going to specify exactly what platform it is. I'll also specify what network segment it sits in. And I'm going to go ahead and look up the IP address here. And we'll go ahead and type in that IP address.
We'll specify if this asset is a part of a domain. And in this case, I'm going to go ahead and use a service account, an existing service account. And this is just giving you a warning letting you know that service account password will be rotated upon connection.
Once I type in the password here, and as soon as I add asset, it's going to then go ahead and rotate the credential for that account. So that account is a control account that's now going to manage this particular asset. What you'll notice is that this asset does not have any accounts associated with it. The reason for that is because the account that is a control account is not accessible by users. It's used to control the system.
I'm going to go ahead and add another account that can be utilized by users here. All of these accounts would have to be pre-created on the system in order for this to work as well. It's warning you here that you're going to give PAM control of that account, and it will go ahead and rotate that credential. It's now reaching out to that system and rotating the credential for that account.
You'll also notice that there is a no access policy that's associated with this account. All accounts and assets need to be a part of access groups. So what we'll go ahead is we'll click on the account itself, and we'll go ahead and add that to an access group. We'll create the group, and we'll call it Local Linux Accounts. Then it says that it's connected to local Linux accounts in the asset group. I'm going to go ahead and close this window here.
And you'll notice that the system has an asset, has an account, it's assigned to an asset group for the account but is not assigned an access policy. And access policies are required for users to request access to the system. So we'll go ahead and create one of those now.
We'll name it accordingly. We'll select exactly what system it is. In this case, it's Linux Systems. We'll select the access group. You know that that's Local Linux Accounts. Then we can go ahead and assign this role to a particular group or a set of individuals.
Once I create the policy, now that system is accessible. If I go back to my OneLogin page and click on One Identity PAM Users, that will redirect me to the user portal. And if this user is provisioned to gain access to the system, they will now see that tile or that Linux system.
[MUSIC PLAYING]
03:51