Setting up a JIT credential
Creation of templates
You must configure the creation/deletion and activation/inactivation templates of the target systems that the credentials will use. See the Executions for more details.
These templates will be configured in the credentials and will be used when starting the proxy session.
As credenciais JIT usadas para iniciar sessões em dispositivos em redes segregadas, estão disponíveis nos proxys:
- Proxy Web
- Terminal proxy
- RDP
Setting up
In the credential registration form, go to JIT Settings tab;
Select the option Active in Just in Time Configuration;
Select the modality of in the field Type of Just in time;
In the Authentication configuration section, configure whether the credential itself will be used to connect, or if another credential will be used. This credential will be used to run the JIT template in the initial and final stages of the session;
If you chose the Enable/Disable credential option, configure the plugin and template for activation and deactivation;
If you chose the Creation and deletion of credential option, configure the plugin and template for creation and deletion;
Special features
JIT configuration is performed in a credential managed by senhasegura . But usage will be different for each modality.
When using the modality Enable/Disable credential, the credential to which the configuration is being performed will be the target of the enabling and disabling template. In this case, use another credential to authenticate in the JIT step.
When using the modality Creation and deletion of credential, the credential where the JIT is being configured will not be the target of the template. A new dynamic credential will be created on the target device using the pattern senseg9999999 (senseg prefix followed by 7 digits). In this case, the credential itself can be used to authenticate itself to the target device.