Hello!
I want to configure below use case. Basically a standard user , after logging in to PS, should be able to access their dedicated/mapped admin account on two different servers with separate Access Policies. They do not have access to the “standard to admin account” mapping rule but have access to separate smart groups as shown below with different policies. When the stnadard user log on they see both Access Policies as options.
1. “Standard_User01” Mapped to → “Dedicated_Admin_User01” Linked To→ “Server01” → AccessPolicyAuto-Approval
2. “Standard_User01” Mapped to → “Dedicated_Admin_User01” Linked To→ “Server02” → AccessPolicyApprovalRequired
Question
Mapped Dedicated Account - Linking to different systems with separate Access Policies
To add some clarification:
I am using two Asset smart rules to create separate Smart Group of servers. Account is linked to these smart groups separately. Then in User management the login user has two different access policies applied on above Managed Account smart group.
The issue I am observing is, when the standard user logs in, they are seeing both Access Polices assigned to both Servers and can submit access requests as well, effectively able to bypass the approval on Server02
Do I need to create Managed System based smart rules ( and groups) and assign the Managed Account to these groups?
Badge Earners
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.