Templates are important components of senhasegura . They are the step-by-step instructions to perform system changes.
The system administrator or any other granted user is able to create new templates according to your needs and execute them on devices that have connectivity compatible with senhasegura .
senhasegura is installed with more than 250 templates out-of-the-box. And inside senhasegura PAM Solution our clients and partners can be updated with more templates developed by the senhasegura team and partners community.
To list all the registered templates, go to the menu Executions ➔ Settings ➔ Templates.
Register a template
Click on the New template button and, on the screen that appears, fill in the following fields:
Template name: Name for better identification;
Executor: Communication technology between the senhasegura and the target device. It will be covered below;
Type of execution: Type of change for which the model will be used. Can be any action from triggered by installed execution' client modules;
Active?: Indicates whether the change template is available for use or not;
Template content: A text area to compose the script instruction. We will present every Executor syntax later;
Click the Save button to complete the registration:
Modify a template
To modify a password change execution template, click the Change template button on the template record.
Templates receive an incremental version, identified in their report by the column Version.
You have access to the previous versions, as well as data about the users who modified the template, through the registration action "Template change history".
Composing a template
Every Executor plugin has its own syntax. But you can use some wildcards properties to be replaced by credentials and devices real properties values. The replacement will occurs when the operation will be executed. Which Device and credential available to be used at the operation time, will be defined by the client module even.
These properties will be replaces by the client module rules. Properties that represents password change will be considered only by password change operations. For an example, Task Manager operations will only replace connection wildcards properties.
[#USERNAME#]: Username of the credential that will have your password changed;
[#NEW_PASSWORD#]: The new password you want the credential to use;
[#CURRENT_PASSWORD#]: The password in use for the credential;
[#AUTH_USER#]: Username of the credential that will be authenticated on the station/system/server to perform the change;
[#AUTH_PASSWORD#]: Password of the credential that will authenticate itself to execute the change;
[#AUTH_DOMAIN#]: Domain of the credential that will authenticate itself to execute the change;
[#ADD_INFO#]: Additional credential information;
[#IP#]: The IP of the credential device that will have the password changed;
[#HOSTNAME#]: The hostname of the credential device that will have the password changed;
[#DOMAIN#]: The domain of the credential device that will have the password changed;
[#SERVER_PATH#]: Path of the credential server that will have the password changed;