search cancel

When does a change in the Global Settings / Applet Customization become effective?

book

Article ID: 134319

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)

Issue/Introduction

We have a requirement of disabling the SFTP for Linux terminal and Drive Mapping for RDP.This can be achieved from the 

Global setting - >  Applet Customization 


And then following the below documentation on CA site.


  • RDP Drive Mapping: When you enable this feature, a mouseover popup appears with a list of the mapped client Windows drives. Each available drive can be selected using a checkbox for mapping.
  • SSH Terminal File Transfer: When "Enable SCP/SFTP" is selected, the MindTerm based SSH Access Method applet provides the menu items "PluginsSFTP File Transfer" and "PluginsSCP File Transfer". Each menu item invokes a new applet window to operate SFTP or SCP, which provides a file transfer interface. See Display and Access Devices for details on the controls.



We would like to know.

If the enabling the below option need any downtime.

If the options are enabled from Admin site, Will they reflect in the active session.

How can be force the changes to reflect in the active sessions immediately.

Environment

Release :

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

The change will become effective immediately for new RDP/SSH-sessions opened after the configuration change - no downtime / reboot / re-logon is needed of the PAM Server or the PAM Client.


To force closing existing sessions you can use PAM's Session Manager (Sessions / Manage Sessions)

- highlight the relevant user session

- use Logout / Re-authenticate to close the active User Session to PAM (this will also close all access sessions to RDP/SSH targets of this user)

- alternatively use View / Disconnect any Active Sessions to force closing the access sessions to RDP/SSH targets of this user only


We suggest to thoughtfully configure Login / Applet Timeout which will then close idle user sessions / target sessions, respectively.