The :prompt: is a generic account added to TPAM for PSM session. It allows the ability to have a TPAM account that can be used to log into any user-specific Windows account during a PSM session. The user is prompted to input the desired Windows account name and password when the PSM session is starting.
This allows TPAM to provide the account name and password during RDP session initiation, thereby allowing the RDP session to succeed even when the RDP session security layer is set to SSL/TLS on the Windows machine.
To configure a generic TPAM :prompt: account:
1 The target system must be added to TPAM. The platform for the system can be any of the Windows or SPCW platforms.
2 Select Systems, Accounts, & Collections | Accounts | Add Account from the menu.
3 Enter filter criteria on the Filter tab to find the system to add the account to.
4 Click the System tab.
5 Select the system in the listing.
6 Click the Details tab.
7 Enter :prompt: for the account name.
8 Select None for the Password Management option.
9 Click the PSM Details tab.
10 Select the Enable PSM Sessions check box.
11 Select RDP- Interactive Login as the Proxy Connection Type.
12 Click the Session Authentication tab. Select Not Stored - Specify password during session.
13 Click the Permissions tab. Assign permissions to this account. For details see Permissions tab. Assign Requestor permissions to the appropriate TPAM users.
NOTE: It is not possible to use Event Capture with the :prompt: account.
NOTE: If performing file transfer, credentials must be specified at file transfer time.
The :prompt: account does support domain logins to domain members in the following formats, note the double backslash for the username for some accounts:
- FQDN\\username
- NetbiosDomainName\\username
- username@FQDN
- username@NetbiosDomainName
This :prompt: functionality is available from 2.5.912
BFER 6397
TPAM provides the ability to create a generic TPAM account that can be used to log in to any user-specified Windows account during a PSM session. The user is prompted to input the desired Windows account name and password when the PSM session is starting.
This allows TPAM to provide the account name and password during RDP session initiation, thereby allowing the RDP session to succeed even when the RDP session security layer is set to SSL/TLS on the Windows machine.