Configuration

Delinea PAS Configuration

To use Privilege Access Service, you should create a new user and assign to it a System Administrator role.

To create a new user:

  1. In the PAS application, navigate to Access > Users > Add User.

  2. Provide a Login Name, Email Address and Display Name.

  3. Navigate to the Access tab > Roles > System Administrator.

  4. Go to the Members tab and select Add to include the created user in the list of members.

ServiceNow Configuration

  1. In ServiceNow, navigate to All > System Security.

  2. Select Roles to search for user roles.

  3. The following roles are available:

    • x_delinea.approver - This role does not have the ability to change application settings and is restricted to only viewing two specific approval modules. Users with this role are able to approve requests for the PAS for Servers Integration.

    • x_delinea.permanent_access_user - This role is necessary for unlocking requests for permanent access. Users with this role can view the Permanent Access option on request forms for the PAS for Servers Integration.

  4. Navigate to All > PAS for Servers> Properties.

  5. Enter all the PAS tenant details and the Maximum Access Duration limit.

    The upper limit for the Maximum Access Duration field is 90 days.

  6. Select the Yes/No box if you want to allow All System Selection instead of System Sets, or leave it unselected if you want the System Sets to be allowed and displayed based on the user's view permission of the System Set.

  7. Save the changes.

  8. Navigate to All > PAS for Servers> Customized API Sync.

  9. Select Execute Now.

  10. Once the task is executed, check the following data:

    • Accounts

    • Commands

    • Resources

    • Roles

    • Zone Roles

  11. Navigate to All > PAS for Servers> Accounts to display all accounts with Privileged Access Service:

  12. Navigate to All > PAS for Servers > Commands to display all the commands and the commands sets present in Privilege Access Service:

  13. Navigate to All > PAS for Servers > Resources to display all the resources (Domain, Database, Systems) present in Privilege Access Service:

  14. Navigate to All > PAS for Servers > Roles to display all the roles present in Privilege Access Service:

  15. If Server Suite is installed and Zone Role is configured, navigate to All > PAS for Servers > Zone Roles to display all the zone roles present in Privilege Access Service:

  16. Navigate to All > PAS for Servers > Approval Rules to create an approval rule: