Starting and Managing JITA Sessions for Another User
Starting and Managing JITA Sessions for Another User
Starting and Managing JITA Sessions for Another User
The Privilege Secure Administrator role can start, extend and expire JITA sessions on behalf of another user. This can be especially useful for vendors and contractors to avoid having to provide them access to Privilege Secure. It can also be very useful in conjunction with an EDR solution to elevate access for a user who is not connected to the corporate network or VPN, but has internet access.
To delegate access to another user the following steps should be taken:
- Open the grant access screen for the required machined click the JITA Session button above the inventory
- Search for the required user and select the amount of elevated time desired (slide bar, radio button or minute entry), then click the start button. Note: access is only available to users that already have access via the inventory
- The person requesting the access, as well as the person the access is delegated to is captured:
Extended Details
If the target machine is off of the network the EDR solution (if enabled) will be used to provide the elevated access for the user that access is being delegated for. This is very useful if a user doesn't have access to the corporate network or VPN but still needs local admin access. Only administrators of Privilege Secure are able to delegate access.
Appendix
Version Requirements
2.15 or greater
The "JITA Session" button will not be available on Linux systems where Directory Bridging is set to Privilege Secure. This is intentional.
