Customizing 'Reason' list items in Reason Required Password View Policy dialog

Article ID: 366911


Products

CA Privileged Access Manager (PAM)

Issue/Introduction

When a 'Reason Required For View' or 'Reason Required For Auto Connect' Password View Policy (PVP) is in use, PAM shows a dialog with a 'Reason' field when a PAM user attempts to show a password or auto connect.
The default 'Reason' field list items are:
    Severity 1: Manual recovery from server outage
    Severity 1: Manual change due to potential password breach
    Severity 2: Password composition audit
    Severity 3: Application migration
    Severity 3: Pre-production application testing
    Other

How can we customize the 'Reason' field list items?

Environment

PAM 4.1.x

Resolution

Please do the following.

1. Log in as the 'super' user, go to Configuration > Security > Access, and make sure the following items are Enabled:
         - External REST API
         - Credential Management CLI

2. Take a screen capture of the current/default Reason field items in the Show Password dialog, as a backup.

3. Now use your Google Chrome browser to access the following URL:

https://<PAM server fqhn>/cspm/servlet/adminCLI?adminUserID=super&adminPassword=<password>$&cmdName=setSystemProperty&propertyName=ViewPasswordReasons&propertyValues=Reason 1: Manual recovery|Reason 2: Automatic recovery|Reason 3: Application migration

Notes:
  <PAM server fqhn> : PAM server Fully Qualified Hostname or PAM server's IP address
  <password> : 'super' user password

4. You will see a result similar to the following when completed.

5. The "Show Password" Password View Policy dialog now shows the following.

6. You can disable the items from step 1 if necessary.
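
The request from step 3 can also be built in a script, which takes care of percent-encoding the spaces, ':' and '|' that the browser would otherwise encode for you. The following is an added example, not code from the original article or from the vendor. It uses only the parameters shown in step 3; the host pam.example.test and the function names are assumptions. Because the 'super' password travels in the query string, redact() masks it before the URL is written to a log or ticket.

```python
# Added example (not vendor code): builds the adminCLI URL from step 3.
import urllib.request
from urllib.parse import parse_qsl, quote, urlencode, urlsplit, urlunsplit

DELIMITER = "|"  # item separator in propertyValues, as used in step 3


def build_reasons_url(host, password, reasons, user="super"):
    """Return the setSystemProperty URL that sets ViewPasswordReasons."""
    items = [r.strip() for r in reasons]
    if not items or not all(items):
        raise ValueError("reason list is empty or has a blank item")
    if any(DELIMITER in r for r in items):  # assumed: '|' would split the item
        raise ValueError("a reason may not contain the '|' delimiter")
    query = urlencode(
        {
            "adminUserID": user,
            "adminPassword": password,
            "cmdName": "setSystemProperty",
            "propertyName": "ViewPasswordReasons",
            "propertyValues": DELIMITER.join(items),
        },
        quote_via=quote,  # percent-encode spaces, ':', '|', '&', '$' ...
    )
    return f"https://{host}/cspm/servlet/adminCLI?{query}"


def redact(url):
    """Mask adminPassword so the URL can be logged or pasted into a ticket."""
    parts = urlsplit(url)
    pairs = [(k, "REDACTED" if k == "adminPassword" else v)
             for k, v in parse_qsl(parts.query)]
    return urlunsplit(parts._replace(query=urlencode(pairs, quote_via=quote)))


def send(url):
    """Issue the same GET the browser would; returns the raw response body."""
    with urllib.request.urlopen(url, timeout=30) as resp:
        return resp.read().decode("utf-8", "replace")


if __name__ == "__main__":
    import getpass
    # pam.example.test is a constructed placeholder host.
    reasons = ["Reason 1: Manual recovery", "Reason 2: Automatic recovery",
               "Reason 3: Application migration"]
    url = build_reasons_url("pam.example.test", getpass.getpass("super password: "), reasons)
    print(redact(url))  # call send(url) to apply the change
```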