Add to collection(s) Add to saved
  1. Business
Uploaded by Baran

ARCON PAM Client Manager Guide- Version 4.8.5.0 U3

advertisement 
ARCON|PAM
Client Manager Guide | Version
4.8.5.0_U3
Client Manager Guide | Version 4.8.5.0_U3
Table of Contents
1
Overview ..................................................................................................................................................................................... 10
2
Client Manager Login ............................................................................................................................................................. 11
3
Client Manager Navigation .................................................................................................................................................. 15
3.1
Home Screen..........................................................................................................................................................................15
3.2
Menu Bar .................................................................................................................................................................................15
3.3
Navigation Bar.......................................................................................................................................................................15
3.4
Quick Icons .............................................................................................................................................................................16
3.4.1
Language..................................................................................................................................................................................17
3.4.2
Message ...................................................................................................................................................................................17
3.4.3
Notification.............................................................................................................................................................................19
3.4.4
ARCON PAM Logout ..........................................................................................................................................................21
3.4.5
ARCON PAM Message Board .........................................................................................................................................22
4
Access Menu .............................................................................................................................................................................. 24
4.1
Service Access .......................................................................................................................................................................24
4.2
Preferences ............................................................................................................................................................................29
4.2.1
Configure Preferences.......................................................................................................................................................30
4.2.2
Delegation...............................................................................................................................................................................31
4.2.3
Vault: File Upload .................................................................................................................................................................34
4.3
Raise Request ........................................................................................................................................................................35
4.3.1
Service Access Request .....................................................................................................................................................35
4.3.2
Service Password Request ...............................................................................................................................................40
4.3.3
Ticket Request.......................................................................................................................................................................42
4.4
Pending Requests.................................................................................................................................................................45
4.4.1
Pending Service Access Request....................................................................................................................................46
4.4.2
Pending Service Password Request..............................................................................................................................47
4.4.3
Pending Ticket Request .....................................................................................................................................................48
4.5
View Logged In User Activity ..........................................................................................................................................50
4.6
Request Logs ..........................................................................................................................................................................52
5
Application Manager .............................................................................................................................................................. 53
5.1
Server Manager ....................................................................................................................................................................53
5.2
Script Manager......................................................................................................................................................................54
5.3
User Self Registration.........................................................................................................................................................60
5.3.1
User Registration login ......................................................................................................................................................62
2
Client Manager Guide | Version 4.8.5.0_U3
6
Approve or Reject Requests & Logs.................................................................................................................................. 66
6.1
Approve or Reject Requests ............................................................................................................................................66
6.1.1
Approve or Reject Service Access Request ...............................................................................................................66
6.1.2
Approve or Reject Service Password Request .........................................................................................................70
6.1.3
Approve or Reject Ticket Request.................................................................................................................................73
6.2
View Logs (Approved or Rejected Requests) ............................................................................................................76
6.2.1
Service Access Approved or Rejected Logs ...............................................................................................................76
6.2.2
Service Password Approved or Rejected Logs .........................................................................................................81
6.2.3
Ticket Approved or Rejected Logs.................................................................................................................................82
7
User Access Review ................................................................................................................................................................ 85
8
View Access Logs...................................................................................................................................................................... 88
9
Reports ......................................................................................................................................................................................... 90
9.1
Exported Reports .................................................................................................................................................................90
9.2
Dashboard Reports .............................................................................................................................................................93
9.2.1
ARCOS Live ............................................................................................................................................................................93
9.2.2
ARCOS PerfMonIT ..............................................................................................................................................................96
9.2.3
Enterprise Password Report.........................................................................................................................................100
9.2.4
Live Server Sessions .........................................................................................................................................................102
9.2.5
User Access & Usage........................................................................................................................................................103
9.3
Group Reports....................................................................................................................................................................106
9.3.1
Servers In Server Group .................................................................................................................................................106
9.3.2
Service Group Report......................................................................................................................................................109
9.3.3
Services In Server Group................................................................................................................................................110
9.3.4
User Group Report ...........................................................................................................................................................113
9.3.5
Users In User Group.........................................................................................................................................................114
9.4
LOB Reports ........................................................................................................................................................................117
9.4.1
Active Services Group Wise Report ..........................................................................................................................117
9.4.2
Active Services Report (LOB wise).............................................................................................................................119
9.4.3
Active Users Report (LOB wise) ..................................................................................................................................121
9.4.4
Inactive Services Report.................................................................................................................................................123
9.4.5
LOB Details Report...........................................................................................................................................................125
9.4.6
Object Status Report .......................................................................................................................................................127
9.4.7
Service Count Report ......................................................................................................................................................129
9.5
Logs .........................................................................................................................................................................................131
9.5.1
Approval Delegation Report.........................................................................................................................................131
9.5.2
Day Wise Summary Report ...........................................................................................................................................133
3
Client Manager Guide | Version 4.8.5.0_U3
9.5.3
LOG Review Report..........................................................................................................................................................135
9.5.4
My Vault Log........................................................................................................................................................................137
9.5.5
Service Access Log............................................................................................................................................................139
9.5.6
Service Password Request Workflow Logs ............................................................................................................142
9.5.7
Service Request Workflow Log ...................................................................................................................................145
9.5.8
Session Activity Log..........................................................................................................................................................147
9.5.9
Session Wise Summary Report....................................................................................................................................148
9.5.10
Ticket Request Workflow Log......................................................................................................................................151
9.5.11
User Access Review Processes....................................................................................................................................153
9.6
Performance Reports ......................................................................................................................................................155
9.6.1
MS SQL Connection Report..........................................................................................................................................155
9.6.2
New ARCON PAM DeskInsight Devices .................................................................................................................157
9.7
Privilege Reports ...............................................................................................................................................................159
9.7.1
Client Manager Privilege Report ................................................................................................................................159
9.7.2
Group Admin Privilege Report ....................................................................................................................................161
9.7.3
Server Manager Privilege Report ...............................................................................................................................163
9.7.4
User and Service Privileges - Windows RDP .........................................................................................................165
9.8
Security Reports ................................................................................................................................................................167
9.8.1
Critical Commands Executed Report........................................................................................................................167
9.8.2
High Usage Service Report............................................................................................................................................169
9.8.3
Invalid Login Attempts Report.....................................................................................................................................171
9.8.4
Low Usage (in days) Service Report...........................................................................................................................173
9.8.5
Multiple Desktop Logon Report..................................................................................................................................175
9.8.6
Multiple User Logon Report .........................................................................................................................................177
9.8.7
Network Segment Wise Logon Report.....................................................................................................................179
9.8.8
Restricted Commands Executed Report .................................................................................................................181
9.8.9
Service Accessed – Multiple Times Report.............................................................................................................182
9.8.10
User Service Accessed - Multiple Times Report...................................................................................................184
9.9
Service Reports ..................................................................................................................................................................186
9.9.1
Active Services Report....................................................................................................................................................186
9.9.2
Active Sessions Report....................................................................................................................................................188
9.9.3
Multiple Service Reference Number Report..........................................................................................................190
9.9.4
Password Envelope Print Report................................................................................................................................192
9.9.5
Scheduled Password Change Services .....................................................................................................................193
9.9.6
Servers in Domain.............................................................................................................................................................195
9.9.7
Service Accessed Summary Day Wise Report.......................................................................................................198
4
Client Manager Guide | Version 4.8.5.0_U3
9.9.8
Service Accessed Summary Report ...........................................................................................................................199
9.9.9
Service Dependency Report .........................................................................................................................................201
9.9.10
Service Group wise Service Type Report.................................................................................................................202
9.9.11
Services in Domain ...........................................................................................................................................................205
9.9.12
Unique Services IP Address Report...........................................................................................................................208
9.10
User Reports .......................................................................................................................................................................209
9.10.1
Active Users Report .........................................................................................................................................................210
9.10.2
Consolidated User & Service Mapping Report......................................................................................................212
9.10.3
Dormant User Report......................................................................................................................................................213
9.10.4
Dual Factor Auth Configuration Report ..................................................................................................................215
9.10.5
Idle Users Report...............................................................................................................................................................216
9.10.6
Inactive Users Report......................................................................................................................................................218
9.10.7
Last Service Accessed Report ......................................................................................................................................220
9.10.8
Locked Out User Report.................................................................................................................................................221
9.10.9
User & Service Mapping Report..................................................................................................................................223
9.10.10
User Biometric Auth Report .........................................................................................................................................224
9.10.11
User Dormant in next 5 day Report ...........................................................................................................................226
9.10.12
User Hardware Auth Report ........................................................................................................................................229
9.10.13
User Last Logon Report ..................................................................................................................................................231
9.10.14
User Mobile OTP Auth Report.....................................................................................................................................233
9.10.15
User SMS OTP Auth Report..........................................................................................................................................235
9.11
Vault Reports ......................................................................................................................................................................237
9.11.1
Current Password Status Report................................................................................................................................238
9.11.2
Restore Service Password Option Used ..................................................................................................................241
9.11.3
Service Password Age Report ......................................................................................................................................242
9.11.4
Service Password Change Failed (Server Unavailable) Report ......................................................................245
9.11.5
Service Password Changed Status Report..............................................................................................................246
9.11.6
Service Password Changed Success or Failed Report........................................................................................248
9.11.7
Service Password Check Out Report ........................................................................................................................250
9.11.8
Service Password Envelope Print Status Report..................................................................................................252
9.11.9
Service Password Expires in 5 Days Report ...........................................................................................................253
9.11.10
Service Password Manually Changed Report........................................................................................................255
9.11.11
Service Password Never Changed Report ..............................................................................................................257
9.11.12
Service Password Security Status ..............................................................................................................................259
9.11.13
Service Password Vaulting Summary Report.........................................................................................................261
9.11.14
SPC not Configured Report ..........................................................................................................................................263
5
Client Manager Guide | Version 4.8.5.0_U3
9.11.15
10
SPC Success and Failed Report....................................................................................................................................265
Dashboard.................................................................................................................................................................................269
10.1
Users Currently Logged On ..........................................................................................................................................271
10.2
Services Currently Being Accessed ...........................................................................................................................272
10.3
Critical Commands Fired ...............................................................................................................................................273
10.4
Open Passwords ................................................................................................................................................................275
11
About...........................................................................................................................................................................................276
12
Manage Service.......................................................................................................................................................................277
6
Client Manager Guide | Version 4.8.5.0_U3
About this manual
This user manual is a comprehensive documentation for those wanting to get the most out of ARCON PAM
(Privileged Access Management). It combines step–by–step instructions to help you accomplish specific tasks
with detailed description of each feature of the application.
•
•
•
•
•
•
•
•
Disclaimer
Copyright Notice
Related Documents
Target Audience
Symbols & Conventions
Acronyms
POC (Point of Contacts) & Support Information
Acknowledgement
Disclaimer
This Manual of ARCON PAM solution is being published to guide stakeholders and users with the step-by-step
procedures involved in the Client Manager (CM) solution and it is hoped that the manual will be useful for
stakeholders and technical consultant.
The manual is in the nature of a guide for the users and, if any of the statements in this document are at
variance or inconsistent it shall be brought to the notice of ARCON PAM through the support team. Wherever
appropriate, references have been made to facilitate better understanding of the PAM solution. The ARCON
PAM team has made every effort to ensure that the information contained in it was correct at the time of
publishing.
This Manual of ARCON PAM solution contains information which is the intellectual property of ARCON PAM.
This document is received in confidence and its contents cannot be disclosed or copied without the prior
written consent of ARCON PAM.
Nothing in this document constitutes a guaranty, warranty, or license, expressed or implied. ARCON PAM
disclaims all liability for all such guaranties, warranties, and licenses, including but not limited to: Fitness for a
particular purpose; merchantability; non infringement of intellectual property or other rights of any third party
or of ARCON PAM; indemnity; and all others. The reader is advised that third parties can have intellectual
property rights that can be relevant to this document and the technologies discussed herein, and is advised to
seek the advice of competent legal counsel, without obligation of ARCON PAM.
Copyright Notice
Copyright © 2019 ARCON PAM All rights reserved.
ARCON PAM retains the right to make changes to this document at any time without notice. ARCON PAM
makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in
the document nor does it make a commitment to update the information contained herein.
Trademarks
Other product and corporate names may be trademarks of other companies and are used only for explanation
and to the owners' benefit, without intent to infringe.
Related Documents
Below are the related documents, which help to understand the ARCON PAM in detail
7
Client Manager Guide | Version 4.8.5.0_U3
• ARCON PAM Overview Guide gives the overview of ARCON Privilege Access Management.
• ARCON PAM Installation & Configuration Guide describes how to prepare the environment, install, and
configure the ARCON Privilege Access Management Solution.
• ARCON PAM Privileged Access Management (PAM) User Guide describes the features, benefits,
functionalities.
• ARCON PAM Set-up Pre-requisite describes the hardware and software required for deployment of
ARCON PAM in the user environment.
• ARCON PAM Troubleshoot provides the basic information for ARCON PAM issues.
• ARCON PAM Administrative Guide describes the process to administer, manage, and monitor Privilege
Identities and servers across the organization.
Target Audience
This guide is intended for auditors, consultants and security experts responsible for securing, auditing and
monitoring server administration processes; especially remote server management. It is also useful for IT
decision makers seeking for a tool to improve the security and auditing of their servers or to facilitate
compliance to the unique standard.
The following skills and knowledge are necessary for a successful ARCON PAM administrator:
•
•
•
•
Basic system administration knowledge.
Basic understanding of networks, TCP/IP protocols, and general network terminology.
Working knowledge of the Windows operating system is not mandatory, but highly useful.
In-depth knowledge of various servers and server applications is required for forensics situations.
Symbols and Conventions
The Following are the symbols and conventions used in this manual:
Symbols
Description
Indicates helpful tips, shortcuts, and suggestions.
Note
Indicates additional information.
Information
0
This manual uses the following conventions to refer to sections, navigation, and other information.
Convention Description
Bold
Keywords and menu names are displayed in bold.
0
Acronyms
The abbreviations used in this manual are as follows:
Acronyms
Description
PAM
Privileged Access Management
CM
Client Manager
LOB
Line of Business
SSH
Secure Shell
RDP
Remote Desktop Protocol
8
Client Manager Guide | Version 4.8.5.0_U3
Acronyms
Description
RDC
Remote Desktop Connection
OTP
One Time Password
0
POC (Point of Contacts) & Support Information
The product is developed and maintained by ARCON TechSolutions Private Limited
Web: https://arconnet.com/
Sales Contact
You can directly contact us with sales related topics at the email address <sales@arconnet.com>, or leave us
your contact information and we will call you back.
Support Contact
To access ARCON PAM Support Centre (ASC), Sign in with your account.
•
•
•
•
•
Remote support is available 24*7.
ARCON PAM Support System is available only for registered users with a valid support package.
ARCON PAM Support Centre (ASC): https://support.arconnet.com/
Central Support e-mail address: <arcos.support@arconnet.com>
Support hotline:
Global: +91 8080005577 (For ARCON PAM Support Press 3)
UAE: 800035703628 (Press 1)
9
Client Manager Guide | Version 4.8.5.0_U3
1 Overview
The Client Manager is a Web Console used by Administrators to access the target operating systems, databases
and the networking devices. This web console supports multi-domain authentication, dual factor
authentication; multi-tenancy and target connectors. The Client Manager provides a single admin console to
the Administrators accessing different devices/OS/databases. It also provides the detail usage and benefits of
each functionality available in the Client Manager. Through Client Manager, the user can access the services,
raise a request, and view the logs and reports.
 Further, in this course we will use CM as the abbreviation for Client Manager.
10
Client Manager Guide | Version 4.8.5.0_U3
2 Client Manager Login
This section helps you to login into Client Manager application. When access is no longer needed, you can log
out (log off, sign out or sign off) from the application. ARCON PAM is accessed through the web-browser as
soon as the Implementation Engineer (IE) installs and configures ARCON PAM. On successful configuration of
ARCON PAM application, ARCON PAM Privileged Access Management login page appears.

If the Server and Client ActiveX Version does not match, the
icon will be disabled and
icon
will be enabled. Also, it will prompt the Administrator to download the latest ActiveX version from the
server.
Follow the below steps to login to ARCON PAM Privileged Access Management :
1. Enter the UserName and Password.
2. Select the Domain Name from the dropdown list.
11
Client Manager Guide | Version 4.8.5.0_U3
3. If login icon is disabled for Mozilla Firefox or Internet Explorer you have to Install and Configure
following Add On or Plugin:
Mozilla Firefox - Java Plugin
Internet Explorer - ActiveX Add On
 If you do not know how to install Java plugin in your Mozilla Firefox browser, a Java Applet Help
file will open by clicking on A+ icon present below the Domain Name field on the ARCON PAM
login page.
4. Login icon is enabled on successful installation of Java or ActiveX plugins.
12
Client Manager Guide | Version 4.8.5.0_U3
5. Click Login icon to login into ARCON PAM application.
 Below are the error messages displayed for the login attempt failure by users :
The User is Dormant error message is displayed, if user attempts to login more than the
set dormancy days.
The User is Lockout error message is displayed, if user attempts to enter invalid
password more than the configured lockout attempts.
The User is Disabled error message is displayed, if the user has expired or has been
dropped by the administrators.
 Client Users having Manager Menu Display privilege will only be able to view Manager menu in
Client Manager after login.
Enable Dual Authentication
To enable Dual Authentication, configure Mobile OTP Validator in Server Manager. If Mobile OTP Validator is
configured, pop up is populated after entering the login credential.
13
Client Manager Guide | Version 4.8.5.0_U3
 To get the OTP on your registered mobile number, you have to install the ARCON PAM OTP app in
your smart phone (Android & Apple).
Follow the steps to enable dual authentication:
1. Enter the Challenge/Pin code in the ARCON PAM OTP application.
2. A new OTP will generate in the mobile application. Enter the OTP and click on Validate OTP. The Client
Manager will open on validating the OTP.

The OTP is refreshed after every 60 seconds automatically.
Once the Login is clicked, the entered Username and Password is authenticated with the
ACTIVE DIRECTORY domain or local domain of the server.
14
Client Manager Guide | Version 4.8.5.0_U3
3 Client Manager Navigation
Client Manager has a very user friendly navigation. It is divided into:
• Home Screen
• Menu Bar
• Navigation Bar
3.1 Home Screen
The Client Manager home screen appears on successful login.
The User Interface of Client Manager is simple with Menu bar on top, Navigation bar on the left hand side and
Quick Icons for accessing notifications alerts.
3.2 Menu Bar
The Menu bar helps you to access the LOB (Line of Business), manage and create services, view various report,
and gives details about the background access and version.
LOB (Line of Business) are the Business Unit of an organization. Listed below are the menu, which appears on
the Menu Bar.
•
•
•
•
My Access: displays the assigned service details.
Manager: helps the approver/admin to approve the raised request.
Reports: shows the various reports.
Dashboard: shows the graphical representation of users currently logged on, services currently being
accessed, critical commands fired and open passwords.
• About: includes Version and Release Date of ARCON PAM Client Manager.
3.3 Navigation Bar
The Navigation bar on the left hand side is user friendly. The list on the navigation bar changes according to the
menu selected. To view the Navigation bar click on the
menu bar.
15
icon present on the top left hand side corner of
Client Manager Guide | Version 4.8.5.0_U3
The summarized details of each menu bar with the listing on the navigation bar is as follows:
My Access menu bar shows following list:
• My Services: allows users to view all the services available in any particular LOB.
• Preferences: shows the path of the services and the last updated date and delegate the approval
authority to another user for a particular amount of time.
• Raise Request: for service, password and ticket.
• Pending Requests: view the pending service, password request and ticket request.
• Request Logs: view the list of approved and rejected requests for Service Access and Service Password.
• My Activity: allows you to view the activity performed on the various services through a video log.
Manager menu bar shows following list:
•
•
•
•
My Apps: gives you the option to opens Server Manager and Script Manager application.
Approval Requests: allows the admin/approver to approve the raised request.
Approval Logs: allows admin/approver to view the approved or rejected logs.
Access Logs: allows the admin/approver to view services performed by the user through video log.
Reports menu bar shows the various reports:
• Group Reports: shows group reports for users and services.
• LOB Reports: allows you to view and download Active/Inactive service or users reports depending on
the selected LOB.
• Logs: allows you to view and download various logs.
• Performance Reports: allows you to view and download performance reports of MS SQL Connection
and ARCON PAM Desk Insight Devices.
• Privilege Reports: shows reports of privilege access user on Client Manager and Server Manager.
• Security Reports: contains Security reports, which includes commands execution details and login
attempts made by the user.
• Service reports: contains reports of all the service such as Active Services, Unique Services, IP, etc.
• User Reports: contains user reports such as active/inactive users, idle users, locked out user, etc.
• Vault reports: contains service password reports i.e. password assigned to the services such as Service
Password Age Report, Service Password Change Failed, Service Password Change Status.
Dashboard menu shows the graphical representation of users currently logged on, services currently being
accessed, critical commands fired and open passwords.
3.4 Quick Icons
Quick icons are present on the Right-Hand side of the window to access the regular activity of the user. The
quick icons displayed are Language, Message, Notification, New Notification for Message Board, and ARCON
PAM Admin to change Password and Logout from the Client Manager application.
Below are the icons, which appears on the Quick Access panel.
• Language
• Message
• Notification
• User Sign Out/ Password Change
16
Client Manager Guide | Version 4.8.5.0_U3
• New Notification
3.4.1 Language
You can select various languages from Language icon and view the ARCON PAM application with the selected
language.
Process to set the Language:
1. Click on Language
icon drop down list.
2. It will list down all the languages.
3. Select the desired language. The application will change the content accordingly.
 The configuration value is configured by the Administrator in Webconfig file of application
server, to enable or disable language change option.
If the configuration value of ShowLanguageChangeDropDown is True, then language
change dropdown is enabled in Client Manager home screen.
If the configuration value of ShowLanguageChangeDropDown is False, then language
change dropdown is disabled in Client Manager home screen.
By default, the configuration value is set to True.
3.4.2 Message
In the Message icon, you will receive the mail of raised request.
Process:
1.
2.
3.
4.
Click on the message
icon.
It displays the number of messages.
You can check/uncheck all the records, by clicking on the Check/Uncheck All button.
You can delete the messages, by selecting the checkbox on the left hand side of the record and click on
the Delete button.
17
Client Manager Guide | Version 4.8.5.0_U3
5. Click on Open. It opens the message box.
Fields Available:
•
•
•
•
From- It displays the username of the requester.
Subject- It displays the subject of the message.
Received On- It displays the date on which the message received.
Open- It allows the user to open the message to read.
Images Available
•
Check and Uncheck the box to read and unread the mail.
18
Client Manager Guide | Version 4.8.5.0_U3
•
This image shows the unread mail.
•
This image shows the read mail.
•
This image shows the high priority mail.
•
This image shows the secured mail.
3.4.3 Notification
Notification icon, the requester will receive the notification of the raised request/ticket.
Process to view notifications:
1. Click on notification
icon.
2. It displays the number of notifications.
3. There are in total 10 raised service access request, service password request and ticket request.
4. Click on new Service Access Request link.
5. It displays the detail description of raised Service Access Request.
19
Client Manager Guide | Version 4.8.5.0_U3
6. Click on new service password requests.
7. It displays the detail description of raised Service Password Request.
8. Click on new ticket requests.
9. It displays the detail description of raised Ticket Requests.
20
Client Manager Guide | Version 4.8.5.0_U3
3.4.4 ARCON PAM Logout
You can logout from the ARCON PAM application and change the login password of the application.
Process to logout and change password:
1. Click on
icon.
2. Click on Change Password to open the screen.
21
Client Manager Guide | Version 4.8.5.0_U3
3. Fill the details and click Change Password button.
4. Click on Logout to logout from the application.
3.4.5 ARCON PAM Message Board
You can configure messages in ARCON PAM Message Board (Server Manager) to be displayed on pages in
Client Manager after or before login.
Process to view configured message:
1. The New Notification icon is displayed on page after login into Client Manager if you have
selected Display On All Pages After Login checkbox in ARCON PAM Message Board (Server Manager
→ Tools → Advanced Configuration → Default Configuration → ARCON PAM Message Board).
2. Click New Notification icon.
22
Client Manager Guide | Version 4.8.5.0_U3
3. The configured message is displayed.
 If you have selected Display on Login Page – Popup Window checkbox in ARCON PAM Message
Board (Server Manager), then configured message will be displayed on login page.
23
Client Manager Guide | Version 4.8.5.0_U3
4 Access Menu
My Access menu feature displays details of the services mapped to a particular LOB. The service details are
filtered based on the selected LOB, Service Type, IP Address or Host Name.
LOB: Line of Business is a set of one or more internal corporate business unit. These business units may have a
dedicated team working independently. The LOB supports multi-tenancy i.e. if a company is having many clients
they can create and segregate the clients according to the LOB in the ARCON PAM application. Thus, LOB
becomes the root of all the entities viz. Users, Services, User Group, Server Group etc. when integrated in
ARCON PAM. Based on the selection of the LOB the service type will be available in the Service Type list.
Service Type: Service Type includes server-based services depending on the client needs, such as service to
access any particular command, RDC (Remote Desktop connection), SSH(Secure shell) Linux. These services
helps to implement, maintain, support and control the privilege identities with ease. The Admin/Approver
approves the request for the users to access the services. Based on the selection of the Service Type the various
services assigned for the LOB will be displayed.
IP Address/Host Name - Internet Protocol address is a numerical address assigned to each device in the
computer network.
Below are the various Service Type:
•
•
•
•
•
•
•
•
•
•
App Secure Shell Client
App Single View
AppSQLDeveloper - Oracle
AppToad- DB2
AppToad- Oracle
App Unix GUI
App Web Browser
SSH Firewall
SSH Linux
Windows RDP
4.1 Service Access
My Services allows Users to view all the services assigned to him. User can also mark services as favourite.
Follow below process to list the various services for the user and mark services as favourite.
24
Client Manager Guide | Version 4.8.5.0_U3
Process to open the connection for Server:
1. Select My Services from navigation bar.
2. It opens the My Services screen.
 If you configure value for Service Access All LOB - Is Enabled as 1 in Global Configuration, then
All LOBs option will be displayed in LOB drop down list. This configuration can be enabled if you
want to display services for particular IP Address or Hostname from all LOBs.
3. Select the LOB and Service Type from the drop down list. It will list down all the services assigned to the
user.
 If the user knows the IP Address/Host Name, then the services will be displayed according to
the IP address selected. However, according to the selected LOB the IP address should be
entered.
25
Client Manager Guide | Version 4.8.5.0_U3
4. Check ALL Services checkbox, to display all the services assigned to the user.
5. You can filter the required number of records to be viewed in grid by selecting from the Show
Entries dropdown list.
6. The Search option available on the right-hand side helps to search particular services in the selected list.
7. The Lock
icon at the right hand side represents the time frame (Type of access) to access the
services by the uses.
Types of access
Permanent: Assigns Permanent and full access of the service to the user.
26
Client Manager Guide | Version 4.8.5.0_U3
Time-Based Access: Assigns the service to the user for a particular time as requested while
raising the request for the service.
One Time: Assigns the service to the user for One Time only.

The grayed lock
icon means that the assigned service is permanent for user.
8. The icon next to lock image is to mark Service as favourite. The services which are marked as Favourite,
will appear prior to other Services in list.
9. Click Mark / Unmark Service as Favourite
icon to mark/unmark Service as Favourite.
 The icon for Services which are marked Favourite will be displayed in yellow colour.
10. Click My Favourite button displayed besides All Services checkbox to view favourite Services.
27
Client Manager Guide | Version 4.8.5.0_U3
11. The icon next to star icon is to open connection for the server.
12. Click Open Connection
icon to open the connection for the selected service.
13. You can search for Service created in ARCON PAM using Quick Search link.
 You need to enable Global Search value from Website Configuration file to view Quick
Search in Client Manager.
14. Click Quick Search link displayed on top in right pane. The following window pops up.
15. Enter any part of Service (Eg. IP Address, Service Username, Service Type). The Services will be displayed
in drop down list.
28
Client Manager Guide | Version 4.8.5.0_U3
 Both assigned and unassigned Services will be displayed in Quick Search list.
16. Click on the details displayed in drop down list.
17. If the selected Service is assigned to you, then connection will be opened for Server. Whereas, if selected
Service is not assigned to you, then following message will be displayed on My Services screen.
The selected service is not assigned to you!
18. Enter any part of Service and click Search
icon from Quick Search window. The Services which are
assigned to you from the Quick Search drop down list, will be displayed in grid view on My Services
screen.
 Enter * and click Search icon to view assigned Services.
4.2 Preferences
Preferences feature helps the user to view the integrated third party application’s exe path. User can also
update the path of the application. The user can view the last updated date and delegate the approval authority
to another user for a particular amount of time. To open the Preferences screen, Click on star
navigation bar.
29
icon on the
Client Manager Guide | Version 4.8.5.0_U3
The options available for Preferences are:
• My Preferences
• Delegation
• My Vault
4.2.1 Configure Preferences
My Preferences shows the integrated third party application’s exe path and the last updated date of the exe
application. User can also update the third party exe path of the application.
Process to update the third party exe application:
1. Click on My Preferences.
2. Select Service Type.
30
Client Manager Guide | Version 4.8.5.0_U3
3. Path of the selected service type appears with the last updated information.
 User can enter special characters excluding ?,<,>,| and * special characters in Path field.
4. Click the Update button to update the third party exe application path.
5. On successful update, a message User Preferences Has Been Updated Successfully is displayed.
4.2.2 Delegation
Delegation is assigning the responsibility or authority to another person, from a manager to a subordinate to
carry out the raise request i.e. Service Access, Service Password and Ticket activities. However, the user who
delegates the work remains accountable for the output of the work. Delegation helps the subordinates to make
decision in their absence. In other words, it is shifting of authority from one level to another. It helps the
31
Client Manager Guide | Version 4.8.5.0_U3
organization to take decision quickly, helps in building skills of subordinates and motivate them to perform
better.
 Users having Delegation privilege will only be able to view Delegation option in Client Manager.
Pre-requisite: The workflow should be defined in Server Manager before delegating the responsibility.
Steps to delegate the approval process:
1. Click Preferences and then Delegation.
2. It opens the Delegation window.
3. Check the Enable Delegation checkbox, on the extreme left-hand side.
4. Click on Add New Delegation on the right-hand side of the delegation window.
32
Client Manager Guide | Version 4.8.5.0_U3
5. Select the Approval type from the Approval Type drop down list. The drop down list displays the type of
approval authorities they want to pass to another user.
6. Select the User Name from the dropdown list.
7. Select the Start Time and End Time for which you want to pass the approval authority to another user.
8. Check the Active box and click on Submit.
9. On successful submission, the Username and Approval Type for a specified period will appear.

The user can Edit and Delete the records.
If the request or rejection for any service has been raised by the user, an email would be
sent to the approver as well as to the delegated user at same level.
33
Client Manager Guide | Version 4.8.5.0_U3
4.2.3 Vault: File Upload
My Vault is used for securely uploading files in ARCON PAM. The users having File Vault privilege will only be
able to upload, download, view, or delete files in vault, thus making uploading of files secure.
File upload
1. Users can browse and upload the file to be added to File Vault.
2. Check the File Available till check box and select the date and time, click Apply. The uploaded file will be
automatically deleted after this date or the files can be deleted manually as well.
34
Client Manager Guide | Version 4.8.5.0_U3
1. Click the

1. Users having File Vault privilege will only be able to upload, download, view, or delete files
in My Vault.
2. Files can be uploaded in My Vault, using two methods:
You can use Drag & drop files method, where you can drag and directly upload the files
in My Vault.
You can use Browse button, where you can browse the file from the respective file
location and upload the files in Vault.
3. User can view, download, or delete only those files which are uploaded by them.
 An administrator with Global Configuration Privileges can restrict the types of files that are uploaded.
Administrators will have to enable "Allowed File Types For Upload'
• If the value is blank (this is the default value), it will allow all file formats to be uploaded.
• If file types are added to the value field, it will allow only these particular file formats to be
uploaded.
4.3 Raise Request
The user can raise a request to the Admin/Approver to access the service and password.
The various request, raised by the user, are as below:
• Service Access
• Service Password
• Ticket
4.3.1 Service Access Request
Service Access Request feature helps the user to raise a request for accessing any service which is not assigned
to his ID. The user can raise a request to the Admin/Approver to access any service and password.
35
Client Manager Guide | Version 4.8.5.0_U3
User can raise three types of access request - permanent, one time and time based. In Permanent access type,
User gains permanent access to the service; in one time access type, User can access service only once in
assigned time; whereas in time based access type, User can access service multiple times within assigned time.
 Permanent Service Access request can be enabled or disabled as per the following Global
Configuration.
Permanent Request Service Access - Is Enabled
If the value is 1 (default value), the users shall be able to raise a permanent service access request. If
the value is 0, user won't be able to raise a permanent service access request.
Process to raise a request for accessing the Service:
1. Click Raise Request
icon. Click Service Access. It opens the Service Access Request screen.
36
Client Manager Guide | Version 4.8.5.0_U3
The following details are displayed in Service Access Request screen:
Field
Name
Description
LOB
Select the LOB from drop down list.
Service
Type
Select the Service Type from drop down list.
Search
Service (IP
Address /
Hostname)
Enter the IP Address / Hostname to search Service.
 If you know the IP Address / Hostname, enter IP Address or Hostname of
service in text field and click
37
icon.
Client Manager Guide | Version 4.8.5.0_U3
Field
Name
Service
Description
Select the Service(s).
 You can select multiple Services to raise request for access.
Configurati
Select the Configuration Commands.
on
Commands

The Configuration Commands shows commands available for the
selected service type.
The Configuration Command field can be displayed based on the
defined Global Configuration Settings.
If value of Hide Configuration Command for Service
Request in Global Configuration is configured to 0, then
the user can view the Configuration Command field.
If value of Hide Configuration Command for Service
Request in Global Configuration is configured to 1, then
the user cannot view the Configuration Command field.
Access Type
Select the type of access, i.e., Permanent, One Time or Time Based from the dropdown
list.
 To know more about Access Type read Types of Access from Service Access
section.
38
Client Manager Guide | Version 4.8.5.0_U3
Field
Name
Description
One Time Access Type
Access Duration
Select the date and time.
 You can access service only once within the defined date and time.
Per Session Duration
Select number of hours and minutes.
 You can access service continuously for defined time in this field.
Time Based Access Type
Users can raise a time based service access request only for the duration set as per the following
Global Configuration
Service Access Request (in days)
The minimum value is 1 (default value), the users shall be able to raise a service access request only for
a day.The maximum value is 90, the users shall be able to raise a service access request for 90 days.
Access Duration
Select the dates to access service.
 You can access service only within the defined dates.
Access Period
Select the time.
 You can access service between defined dates in Access Duration field and
only between time specified in Access Period field.
Per Session
Duration
Select number of hours and minutes.
 You can access service continuously for defined time in this field.
Description Enter the reason for accessing service.
Reference
Type
Select the type of reference from drop down list.
Reference
Details
Enter the reference details.
39
Client Manager Guide | Version 4.8.5.0_U3
Field
Name
Description
Verification
Enter the verification code displayed in captcha.
Code
 If the value configured in CAPTCHA Validation In ACMO Service Access And
Password Request - Is Enabled in Global Configuration is 1, then Captcha
validation will be enabled on Service Access screen. Whereas, if the value is
configured as 0, captcha validation will not be enabled.
0
 Multiple Service Access Requests can be raised by the user in a single request.
2. Select / enter details and click Submit. The request raised goes to the approver’s email inbox and Client
Manager for approval.
4.3.2 Service Password Request
Service Password Request feature helps the User to raise a request for viewing the password of a service. The
user can raise a request to the Admin/Approver to accessing any service or password.
 Service Password can be enabled or disabled as per the following Global Configuration.
In Global Configuration, ARCOS Service Password - Is Enabled has been added. If the value is 1
(default value), the users shall be able to raise a service password request. If the value is 0, users won't
be able to raise a service password request
Process to raise a request for Service Password Access:
1. Select the Service Password option from the Raise Request navigation bar.
40
Client Manager Guide | Version 4.8.5.0_U3
2. Service Password Request screen appears.
The Service Password Request screen contains the following fields:
Field Name
Description
LOB
Select the LOB.
Service Type
Select the Service Type.
Search Service (IP
Address / Hostname)
Enter the Service details and click Search
icon.
 You can click Search icon without entering any value in Search
Service (IP Address / Hostname) to enable Service dropdown.
Service
Select the Service.
Description
Enter the Description.
View On
Click Now checkbox to view password as soon as approval process has
been completed.
 You can deselect Now checkbox and enter date and time in field
just below the checkbox. The Service Password will be delivered
after approval process in your ARCON PAM Mailbox at
configured date and time.
41
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Open For Hours
Description
Select the time for which you want password to be opened.

Open Till Date
The value configured in Max Hours for Service
Password
Duration configuration
in Global
Configuration will be displayed as maximum hours
in Open for Hours drop down.
If the Min Password Age is configured other then 0,
then VPC Service will check minimum configured days
before changing password of Service.
Displays the date and time, until when the password is open for use.
 The data in this field is auto populated based on the values
selected in View On and Open For Hours.
Verification Code
Enter the displayed verification code.
0
3. Enter or select details and click Submit. Request will be raised for selected Service.
 The raised request goes to the approver(s) inbox and Client Manager for approval.
4.3.3 Ticket Request
Ticket Request provides an extra layer of protection in accessing any service. The user can raise a ticket request
to the Admin/Approver for accessing any service. The ticket number associated with the ticket request will be
used to access the requested service, once approved by the Approver.
Process to raise a request for Ticket:
1. Select the Ticket option from the Raise Request navigation bar.
42
Client Manager Guide | Version 4.8.5.0_U3
2. It opens the Ticket Request Screen.
The following fields are displayed on Ticket Request screen:
Field Name
Description
LOB
Select the LOB.
Location
Select the location.
43
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Description
Service Group
Select the service group.
Service Type
Select the service type.
Service / IP Address
Select the service details.
 Based on the selected LOB, Service Group and Service Type,
services are displayed in Service / IP Address drop down.
Executor
Select the name of the executor.

Ticket Type
Executor is the User uses the ticket to access service.
Only those Users to whom selected service is assigned
are displayed in Executor drop down.
Select the type of ticket.
Below are the types of tickets available:
PE - Planned Event: If there is any periodical process of raising a
ticket or any pre-planned cyclic procedure for ticket raising then
it comes under Planned Event.
CR - Change Request: If a request is raised to have any change
in the service it will come under Change Request.
Activity Type
Select the type of activity.
Below are the types of activities available.
SA (Service Affecting): The activity which affects the service.
NSA (Non Service Affecting): The activity which does not affect
the service.
Start Time
Select the start date and time for ticket to be valid.
End Time
Select the end date and time for ticket to be valid.
Expected Duration
Select the time to continuously access service once connection has been
established.
 The value configured in Max Hours For Ticket Session
Duration(in hours) under Global Configuration is displayed as
maximum number of hours in Expected Duration drop down. If
value 0 is configured, then this drop down is displayed as blank.
Impact
Select the impact.
Impact Location
Select the impact location.
Description
Enter the description for raising ticket request.
44
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Attachment 1
Description
Browse the path of 1st attachment.
 The attachment should be less than 10 MB.
Attachment 2
Browse the path of 2nd attachment.
 The attachment should be less than 10 MB.
0
3. Select or enter required details and click Submit.
4. Ticket request will be submitted and following success message will be displayed.
Ticket Created Successfully! Ticket Number:..

Any User can raise ticket request for the executor.
The User who raises ticket request shall share Ticket number and other details with the
executor.
4.4 Pending Requests
The Pending Request helps the user to view the Service Request and Service Password pending request.
The options available under Pending Requests are as follows:
• Service Access
• Service Password
• Ticket
45
Client Manager Guide | Version 4.8.5.0_U3
4.4.1 Pending Service Access Request
The pending service access request feature helps the User to view the list of service access request which are
pending for approval.
Process to view pending request for Service Access:
1. Select the Service Access from the Pending Request navigation bar.
2. Select the number of entries from the Show Entries dropdown list.
 Search option is available on the right hand side to search the entries directly.
3. The following fields are available on the list:
Field Name
Description
Requested By
Displays the name of the User raising the request..
Requested On
Displays the date and time on which the request is raised.
Description
Displays the Description entered by the user while raising a request.
Access Type
Displays the type of access requested by the user while raising a request.
Service
Displays the details of Service.
Current Status
Displays the current status of raised request.
In the above figure, the request raised by the ARCON PAM Admin is
pending with the first level approval.
 Admin can configure maximum up to 5 levels of approval in the
server manager. Once the first level of Approver approves the
request, it will pass to the second level of approver and so on.
Pending With
Displays the name of approver with whom the request is pending.
46
Client Manager Guide | Version 4.8.5.0_U3
4.4.2 Pending Service Password Request
The Service Password Pending Request feature helps you to view list of requests raised by Users for viewing
password of a service which are pending for approval.
Process to view pending request for Service Password:
1. Select the Service Password option from the Pending Request navigation bar.
2. Select the number of entries from the Show Entries dropdown list.
 Search option is available on the right hand side to search the entries directly.
3. The following fields are available on the list:
47
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Description
Requested On
Displays date and time of raising the request.
Requested By
Displays the name of User raising the request.
Description
Displays the Description entered by the user while raising a request.
Requested Till
Displays the date and time till when User wants the service password to be
open.
Service
Displays the details of Service.
Current Status
Displays the current status of raised request.
In the above figure, the request raised by the ARCON PAM Admin is
pending with the first level approval.
 Admin can configure maximum up to 5 levels of approval in the
server manager. Once the first level of Approver approves the
request, it will pass to the second level of approver and so on.
Is View Now
Displays whether User has selected Is View Now option while raising the
request.
4.4.3 Pending Ticket Request
Pending Ticket Request feature helps you to view list of ticket requests which are pending for approval.
Pending tickets are displayed in executor's Client Manager.
Process to view pending request for Ticket:
1. Select the Ticket option from the Pending Request navigation bar.
48
Client Manager Guide | Version 4.8.5.0_U3
2. Select the number of entries from the Show Entries dropdown list.
 Search option is available on the right hand side to search the entries directly.
3. The following fields are available on the list:
Field Name
Description
Ticket No.
Displays the Ticket No. assigned to the raised request.
LOB
Displays the LOB of service selected by User while raising request.
Service Group
Displays the service group selected by User while raising request.
Ticket Type
Activity Type
Executor
Displays the type of ticket selected by User while raising request.
Displays the type of activity selected by User while raising request.
Displays the name of the Executor.
Start Time
Displays the date and time from which ticket will be valid.
End Time
Displays the date and time to which ticket will be valid.
Current Status
Displays current status of ticket request.
Pending With
Displays the name of approver with whom the ticket approval is pending.
0
4. Click View Details to view the details about the ticket.
5. In Approve- Ticket Request window, the user can view Requestor/Executor Details, Service
Details and Ticket Details.
49
Client Manager Guide | Version 4.8.5.0_U3
 Only the authorized Approver/Admin can approve the ticket.
4.5 View Logged In User Activity
My Activity feature helps the User to view various activities performed by him on services through video log.
 User having View Service Access Logs With Details privilege will be able to view various activities
performed by him on services through video log.
Process to view Video Log:
1. Select My Activity from the navigation bar.
50
Client Manager Guide | Version 4.8.5.0_U3
2. The My Activity screen appears.
3. Select the Service Type from the Service Type drop down list. It will list down all the service types
available.
4. It will list down all the details of the activity performed on the services.
5. To view the video log click on the Details.
6. On clicking Details, ARCOS Client screen appears.
51
Client Manager Guide | Version 4.8.5.0_U3
 Log Viewer will open and the user can see the action performed by him on the services through
video log.
4.6 Request Logs
This will display the Request Logs and the status of the requests i.e. whether a particular request is approved or
rejected.
The logs are displayed for
• Service Access Request Logs
• Service Password Request Logs
52
Client Manager Guide | Version 4.8.5.0_U3
5 Application Manager
Manager tab allows the administrators to view and configure the different settings for ARCON PAM.

• Manager tab will be visible for Administrator Users.
• Manager tab will be visible for Client User having Manager Menu Display privilege.
Two sections are covered under Managed Applications (My Apps):
• Server Manager
• Script Manager
5.1 Server Manager
Server Manager helps to administer, manage, and monitor Privilege Identities servers across an organization.
The User as an Administrator has an access to both the Client and Server applications. They have to provide
the Username and Password and are authenticated by the selected Domain Name.
Services provided in Server Manager are as below:
•
•
•
•
•
•
•
•
•
•
•
•
•
LOB Creation
User Creation
User Modification
User Access Control
Service Creation
Integrating Web Application
Group Creation
Mapping Users to LOB
Removing and sharing users from LOB
Mapping User group to LOB
Mapping Service to LOB
Mapping Service groups to LOB
Mapping User to User group
53
Client Manager Guide | Version 4.8.5.0_U3
•
•
•
•
•
•
•
•
•
•
•
Mapping Services to Server group
Mapping Service group to User group
Mapping Service to Users/Multiple Users
Automatically Map UserGroup and ServerGroups
Command management in Servers
Command Logs
ARCON PAM logs
USER Access Logs
Service Logs
Service Password status
Password Management
5.2 Script Manager
With ARCON PAM Script Manager the Administrator can run a script and monitor multiple databases
simultaneously. Script Manager User should be assigned with the appropriate privileges such as rights to create
a new script, edit an existing script and run the script through ARCON PAM on the required destination
database server.

• User should have the privileges of Script Manager
Create New Script privilege to add new script
Edit Script privilege to edit an existing script
Run Script privilege to run a script.
• Particular Service Type should be assigned to the user.
Process to Launch Script Manager
1. Click Manager tab.
2. My Apps page opens, click the Script Manager icon.
3. ARCON PAM Script Manager opens on a new window. There are two tabs on this window Auto Script
Runner and Script Manager Log.
54
Client Manager Guide | Version 4.8.5.0_U3
Perform the following steps to run the scanner
1. Select the LOB/Profile and Service Type from the drop down list. All the servers for the selected service
type will be listed on the left hand side pane.
2. Right click on the server and choose Add Servers to Script Manager’s Queue. The selected servers are
added to the top middle pane with the status as Added to Queue.
55
Client Manager Guide | Version 4.8.5.0_U3
 The various Status of the selected servers in the Queue is as follows:
Added to Queue: It indicates that the server is successfully added to the queue.
Running Script: It indicates that the script is running on the server.
Success: It indicates that the script is executed successfully on the server.
 To remove the server from the queue, right click and choose Remove Server to Script
Manager’s Queue in the server queue list.
Add Script
To add the script in the selected server follow the below steps:
1. On the middle bottom pane, click Add New Script
icon to add new script.
2. Edit Script window will be opened, enter the script name in Script Name field.
 User can view only those scripts which are created by himself.
3. In the editor space, enter the script or copy paste the script to run on the selected server.
4. Click Save & Close button to add the script on the left bottom pane or click Cancel to revoke it.
5. Select the script form the left bottom pane and select the check box from the options on the top right of
this window.
56
Client Manager Guide | Version 4.8.5.0_U3
 The check boxes are displayed.
Show logs in a single window: This check box is selected by default. By default all the
output of the servers will be displayed in a single window. If this checkbox is not selected
the output of different servers will be displayed in different tabs.
Save logs locally: Select this check box to save the logs on a local drive.
6. Click Run Script button to execute the script on selected servers; the details of the executed script will
be displayed on the right pane of the window.
7. Click Save As button to save the log to a local drive.
Edit Script
To edit the script in the selected server follow the below steps:
1. On the middle bottom pane, click Edit Script
icon to edit an existing script.
2. Edit Script window will be opened, in the editor space, make changes to the script to run on the selected
server.
3. Click Save & Close button to save the changes to the script or click Cancel to revoke it.
57
Client Manager Guide | Version 4.8.5.0_U3

The script name cannot be changed while editing the script.
The edited version of the script would appear as V1, V2, V3, etc. under the original script
name, ensure to choose the correct version of the script.
Choose the correct version of the script to run however, by default it will run the original
script.
Show Version History
Script Version History will show the version history of the selected script which is run on the selected server.
To view the version history of the script follow the below steps:
1. On the middle bottom pane, click Show Version History
icon to view details of an existing script.
2. Script Version History window will be opened, it would display the following details such as Script
Name, Script Version, Created/Modified By and Created/Modified On.
58
Client Manager Guide | Version 4.8.5.0_U3
Script Manager Log
1. Script Manager Log tab will display the script log executed by the user on the Script Manager.
2. To view the details of the log, select the service type and it will display the list of all the script run for the
selected service type. It will list the Log Id, Script Executed By and Script Executed On (Date and Time).
3. To view the details of the logged data. Double-click on the particular row, Script Manager Logged Data
Viewer window will open. This window will give detail description of the script on the selected servers.
59
Client Manager Guide | Version 4.8.5.0_U3
5.3 User Self Registration
User Self Registration is a process for Self Registration of users thus eliminating the dependency on Admin
users for creating users in Server Manager.
Pre-requisite
To add URL for Self Registration of Users to the login page, use the following path:
Client Manager → Manager → Application Settings
1. Users can Edit or Delete existing application configuration by selecting respective icons.
2. Click Delete
icon to delete application or click Edit
icon to modify an application.
3. User can add new application by clicking Add New Application link. The following screen is displayed.
60
Client Manager Guide | Version 4.8.5.0_U3
The Application List screen contains the following fields:
Field Name
Description
Application Name
Select the application name of APIs hosted in your environment
URL (with Port Numer if any) Enter URL of API.
0
4. Select or enter the required details and click Submit to save the configuration. The following success
message will be displayed:
Application saved successfully.
5. The configuration will be listed in Application List screen.
6. Click Edit icon to edit the configured Application List. The following screen is displayed.
7. You can edit the URL for selected Application Name.
61
Client Manager Guide | Version 4.8.5.0_U3
8. You can edit Application Name but it cannot be configured same as already configured Application
Name. Example: If two Application Names are configured such as ARCON PAM User Details and
ARCON PAM Service Details, then you cannot update ARCON PAM User Details as ARCON PAM
Service Details.
9. Enter or select details and click Update. The following success message will be displayed.
Application details updated successfully.
10. Application List will be updated.
11. Once the URL is added successfully, the link for User Registration appears on the login page.
5.3.1 User Registration login
This section will explain the steps to login to User Registration Portal. For ARCON PAM Users, the link to User
Registration Portal shall be displayed on the login page. The link can also be provided to the individual users
separately.
 Only ARCON PAM domain users can login to User Registration Portal.
Follow the below steps to login into User Registration Portal
1. Enter the URL <http(s)://ip-address:port> in the address bar. The User Registration Portal Login screen
is displayed.
2. Enter the domain username and password, select the domain.
Field
Description
Username
Enter a username
Password
Enter a password
Domain name Enter a domain name
62
Client Manager Guide | Version 4.8.5.0_U3
 Only ARCON PAM Domain users can login to User Registration Portal.
3. Once logged in, the following page will be displayed.
4. Fill the details and click Submit.
Field
Description
User Type
Select the user type to be Admin or client user. By default,
client will be selected)
Domain Name
Select the domain name for the user

63
For new users, it will display only the
domain from which the user logged in
For ARCON PAM users it will display all
the available active domains
Client Manager Guide | Version 4.8.5.0_U3
Field
Description
User ID
For New users it will display the user ID of the
logged in user
For ARCON PAM users, it will allow to select a
user from the drop down list.
User Name
Email ID
For New users it will display the user Display
Name of the logged in user
For ARCON PAM users, it will automatically pop
up the username for the User ID selected in the
above field.
Enter the email address of the user.
 Users will receive the email notification on
workflow approval
Privilege User Account Details (For Service Account)
Domain Name
Select the domain name for the Privileged account
User ID
Specify the User ID by which the name service has to be created
Password
Specify the password for the above user ID
LOB
Select the LOB to which the user has to be mapped
User Group
Select the user group to which the user has to be mapped
Assign all Services
Select this check box to assign all the services of the selected
group to this user.
Submit
Click this to submit the details
0
5. On clicking Submit, the following window will be displayed with the message Performed transaction
Added in Workflow. Will get completed once Approved.
64
Client Manager Guide | Version 4.8.5.0_U3
6. Once approved, the user has been successfully added to ARCON PAM.

•
•
•
•
Privilege Account field is mandatory for Domain Users
Only users with Privilege Account can be created in ARCON PAM
Privilege user account details will be used for automatically creating named service
Condition for creating named service
There should be at least one name service created and mapped in the server group that
is mapped to the user group to which the user will be mapped
Domain name of the named service and the Domain name of the privilege user account
should be the same
65
Client Manager Guide | Version 4.8.5.0_U3
6 Approve or Reject Requests & Logs
This section helps you to approve or reject the request raised by the User for Service Access, Service Password
and Ticket. The users who are configured as Approvers under User Request Approval Workflow in Server
Manager will receive an email notification for approval or rejection of request. In addition, it also helps you to
view the logs generated for approved or rejected requests.
6.1 Approve or Reject Requests
The Admin/Approver approve the raised request of the user.
The options available under Approval Requests are as below:
• Service Access
• Service Password
• Ticket
6.1.1 Approve or Reject Service Access Request
Service Access Request Approval allows the Admin/ Approver to view and approve the raised request by the
User for accessing the service.
Process to approve the Service Access Request:
1. Click Manager tab.
2. Select Approval Requests
icon from the navigation bar and then select Service Access option.
66
Client Manager Guide | Version 4.8.5.0_U3
3. Approvals - Service Access Request window opens. It displays the raised service access request for
Admin/Approver to be approved.
The following details are displayed in Approvals - Service Access Request grid view:
Column
Name
Description
Requested By
Displays the name of the User raising the request.
Requested On Displays the date and time of the request raised.
Description
Displays the description of the request raised.
67
Client Manager Guide | Version 4.8.5.0_U3
Column
Name
Access Type
Description
Displays the type of access.
 To know more about Access Type refer Types of Access from Service
Access section.
Service
Displays details of Service.
Current Status Displays the Current Approval Level.
Pending With Displays the name of the approver with whom the approval is pending.
0
4. Select the number of entries in the Show Entries drop down list.
 Search option is available on the right hand side to search the entries directly.
5. Click View Request. It will open the Approve – Service Access Request screen.
68
Client Manager Guide | Version 4.8.5.0_U3
The following fields are displayed in Approve – Service Access Request screen:
Field Name
Description
Requestor Details
Requestor
Displays the name of the User raising the request.
Reference Type
Displays the Reference Type.
Reference
Details
Displays the Reference Details.
69
Client Manager Guide | Version 4.8.5.0_U3
Service Details
Service Type
Displays the type of Service.
Requested
Service
Displays the Services for which request has been raised.

Command
Profile
Select the Services which you want to Approve/Reject.
The Services which are not selected will remain in pending
approval list.
Select the Command Profile to restrict commands.
 The active profiles for selected Service type will be displayed in drop down
list.
Comments
Enter comments.
View Command Click this link to view commands configured for selected command profile.
Configuration
Commands
Displays Configuration Commands selected by User while raising request.
Description
Displays Description entered by User while raising request.
Access Details
Access Type
Displays the type of access.
Access Duration Displays the access duration selected by User while raising request.
Session
Duration
Displays the session duration selected by User while raising request.
Approval Details
Current
Approval Level
Displays the current level of approval.
Last Approval
Level
Displays the last level of approval.
Comments
0
Enter comments.
 Approver can restrict commands while approving One-Time and Time-Based access type.
6. Click Approve button to approve the Service Access Request or else click Reject to reject the request.
6.1.2 Approve or Reject Service Password Request
Service Password Request Approval allows the Admin/Approver to view and approve the request raised by the
User for viewing password of the service.
Process to approve the Service Password Request:
1. Click Manager tab.
70
Client Manager Guide | Version 4.8.5.0_U3
2. Select Approval Requests icon
from the navigation bar and then select Service Password option.
3. Approvals- Service Password Request screen opens. It displays the raised service password request for
approval by Admin/Approver.
The following fields are available on the list:
Field Name
Description
Requested By
Displays the name of User raising the request.
Requested On
Displays the date and time on which the request is raised.
Description
Displays the Description entered by the user while raising a request.
Requested Till
Displays the date and time till when User wants the service password to be
open.
Service
Displays the details of Service.
71
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Current Status
Description
Displays the current status of raised request.
In the above figure, the request raised by the ARCON PAM Admin is
pending with the first level approval.
 Admin can configure maximum up to 5 levels of approval in the
server manager. Once the first level of Approver approves the
request, it will pass to the second level of approver and so on.
Is View Now
Displays whether User has selected Is View Now option when request was
raised.
0
4. Select the number of entries from the Show entries drop down list.
 Search option is available on the right hand side to search the entries directly.
5. Click View Request.
The following fields are available on Approve - Service Password Request screen:
Field Name
Description
Requestor Details
Requestor
Displays the name of User raising the request.
Service Details
Service Type
Requested Service
Description
Displays the type of Service.
Displays the details of Service.
Displays Description entered by User while raising request.
Access Details
View On
Displays the details selected by User while raising request.
72
Client Manager Guide | Version 4.8.5.0_U3
To Be Accessed Till
Displays the date and time till when User wants the password to be open.
Approval Details
Current Approval Level Displays the current level of approval.
Last Approval Level
Displays the last level of approval.
Comments
Enter comments.
0
6. If the Approver/Admin wants to approve the request then Approve tab needs to be selected
else Reject tab for rejection.
6.1.3 Approve or Reject Ticket Request
Ticket Request Approval allows the Admin/Approver to view and approve the ticket request raised by the User
for accessing the service. The User needs to enter the ticket number while accessing the service, once the ticket
request has been approved.
Process to approve the Ticket Request:
1. Click Manager tab.
2. Select Approval request
icon from the side menu and then select Ticket option.
3. It opens Approvals- Ticket Request screen.
73
Client Manager Guide | Version 4.8.5.0_U3
4. Select the number of entries from the Show entries drop down list.
 Search option is available on the right hand side to search the entries directly.
5. The Approvals - Ticket Request screen displays the detail description of raised ticket request.
The following details are displayed on the list:
Field Name
Description
Ticket No.
Displays the Ticket No. assigned to the raised request.
Service Group
Displays the service group selected by User while raising request.
Service
Displays the service details.
Ticket Type
Activity Type
Requested By
Executor
Displays the type of ticket selected by User while raising request.
Displays the type of activity selected by User while raising request.
Displays the name of User raising ticket request.
Displays the name of the Executor.
Start Time
Displays the date and time from which ticket will be valid.
End Time
Displays the date and time to which ticket will be valid.
Current Status
Displays current status of ticket request.
0
6. Click View Details. The following Approve - Ticket Request screen will be displayed.
74
Client Manager Guide | Version 4.8.5.0_U3
The following ticket request details are displayed on Approve - Ticket Request screen:
Field Name
Description
Requestor / Executor Details
Requestor
Displays the name of User raising the request.
Executor
Displays the name of the executor.
Service Details
LOB
Displays the LOB.
Service Group
Displays the service group.
Service / IP Address
Displays the service details.
Ticket Details
Ticket No.
Displays the Ticket No. assigned to the raised request.
Ticket Type
Displays the type of ticket selected by User while raising request.
Activity Type
Displays the type of activity selected by User while raising request.
Description
Displays the description entered by User while raising request.
Start Time
Displays the date and time from which ticket will be valid.
End Time
Displays the date and time to which ticket will be valid.
Expected Duration
Displays the expected duration selected by User while raising request.
75
Client Manager Guide | Version 4.8.5.0_U3
Location
Displays the location.
Impact
Displays the impact.
Impact Location
Displays the impact location.
Attachment 1
Displays the name of 1st attachment.
Attachment 2
Displays the name of 2nd attachment.
Approval Details
Current Approval Level
Displays the current level of approval.
Last Approval Level
Displays the last level of approval.
Comments
Enter comments.
0
7. Enter comments and click Approve button to approve request or Reject button to reject the request.
6.2 View Logs (Approved or Rejected Requests)
The Admin/Approver can view the logs approved or rejected by the Admin.
The options available under Approval Logs:
• Service Access
• Service Password
• Ticket
6.2.1 Service Access Approved or Rejected Logs
The Admin can view and revoke access for the request raised to access any service. Revoke link will allow the
approver to revoke the service access request for One Time/Time Based service access.
 The service access can be revoked by the Approver only. However, Permanent Service Access Request
cannot be revoked.
Process to view the logs for Service Request:
76
Client Manager Guide | Version 4.8.5.0_U3
1. Click Manager tab.
2. Click Approval logs icon
from the navigation bar and then select Service Access option.
3. It opens Approval Logs - Service Access screen.
4. Select Date From and Date To and click Go. It will display the logs for selected date range.
5. Select the number of entries in the Show Entries drop down list.
 Search option is available on the right hand side to search the entries directly.
6. Click Revoke link. The Reason For Revocation window pops up.
7. Enter the reason for revocation in the Reason For Revocation text field.
77
Client Manager Guide | Version 4.8.5.0_U3
8. Click Submit. The service access request is revoked and the final status of the log is displayed
as Revoked.
The following details are displayed in Approval Logs - Service Access grid view:
Column Name
Description
Requested By
Displays the name of User raising the request.
LOB
Displays service's LOB.
Requested On
Displays the date and time for request raised.
Requested Access
Type
Displays the type of access.
 To know more about Access Type refer Types of Access from Service
Access section.
Service Type
Displays type of Service.
Service Host
Displays host name of Service.
78
Client Manager Guide | Version 4.8.5.0_U3
Column Name
Description
Service User Name
Displays user name of Service.
Final Status
Displays the final status of request.
0
9. Click View Details. It will open Approval Log Details window.
The following details are displayed in Approval Log Details window.
Column Name
Description
LOB Profile
Displays the LOB or Profile name.
Requested By
Displays the name of User raising the request.
Requested On
Displays the date and time when request was raised.
Requested Description
Displays the description entered by User while raising request.
Requested Access Type
Displays the request type of access.
Service Type
Displays type of Service.
Service IP Address
Displays IP address of Service.
Domain Name
Displays the domain name of Service.
Service User Name
Displays user name of Service.
DB Instance
Displays DB Instance of Service.
Access Required From
Date
Displays the start date of service access entered by User while raising
request.
Access Required To Date
Displays the end date of service access entered by User while raising
request.
Access Duration Time
Displays the time duration entered by User while raising request.
Access Period
Displays the access period entered by User while raising request.
Current Approval Level
Displays the Current Approval Level.
Approval Levels
Displays total number of approval levels configured in workflow.
79
Client Manager Guide | Version 4.8.5.0_U3
Column Name
Description
Approver1 Username
Displays the 1st approver user name.
Approver1 Status
Displays the status of 1st approver.
Approver1 StatusOn
Displays the date and time when 1st approver approved or rejected the
request.
Approver1 Comment
Displays the comment entered by 1st approver while approving or rejecting
the request.
Approver2 Username
Displays the 2nd approver user name.
Approver2 Status
Displays the status of 2nd approver.
Approver2 StatusOn
Displays the date and time when 2nd approver approved or rejected the
request.
Approver2 Comment
Displays the comment entered by 2nd approver while approving or
rejecting the request.
Approver3 Username
Displays the 3rd approver user name.
Approver3 Status
Displays the status of 3rd approver.
Approver3 StatusOn
Displays the date and time when 3rd approver approved or rejected the
request.
Approver3 Comment
Displays the comment entered by 3rd approver while approving or
rejecting the request.
Approver4 Username
Displays the 4th approver user name.
Approver4 Status
Displays the status of 4th approver.
Approver4 StatusOn
Displays the date and time when 4th approver approved or rejected the
request.
Approver4 Comment
Displays the comment entered by 4th approver while approving or
rejecting the request.
Approver5 Username
Displays the 5th approver user name.
Approver5 Status
Displays the status of 5th approver.
Approver5 StatusOn
Displays the date and time when 5th approver approved or rejected the
request.
Approver5 Comment
Displays the comment entered by 5th approver while approving or
rejecting the request.
Command Profile
Displays the command profile selected by approver while approving or
rejecting the request.
Final Status
0
Displays the final status of service access request.
 The details of Approvers are displayed based on approvers configured in User Request
Approval Workflow (Server Manager > Tools > Advanced Configuration).
10. Click OK. The Approval Log Details window will close.
80
Client Manager Guide | Version 4.8.5.0_U3
6.2.2 Service Password Approved or Rejected Logs
Approval Logs - Service Password screen helps you to view the logs of the service password request raised by
User. In addition, it also displays the Request Approval details such as the name of the Approver, the status of
approval, and date/time requested for access. Approval Logs are displayed for all Approvers. Only Approver at
last level can close password of Service if required.
 The User who has raised service password request can also close service password from his Mailbox
(Client Manager).
Process to view the logs for Service Password:
1. Click Manager tab.
2. Click on Approval logs icon
from the side menu and then select Service Password option.
3. It opens Approval Logs – Service Password screen.
4. Select Date From and Date To and click on Go. It will display the logs of the provided date.
5. Select the number of entries in the Show Entries from the drop down list.
 Search option is available on the right hand side to search the entries directly.
6. The following details are displayed on Approval Logs – Service Password screen.
Field Name
Description
Requested By
Displays the name of User raising the request.
Requested On
Displays date and time of raising the request.
Description
Displays the Description entered by the user while raising a request.
Requested Till
Displays the date and time till when User wants the service password to be
open.
Service
Displays the details of Service.
81
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Final Status
Is View Now
Close
Description
Displays the final status of raised request.
Displays whether User has selected Is View Now option while raising the
request.
Click this link if you want to close service password immediately.

Close link is only displayed if the final status is
approved.
This ink is only displayed in last Approver's Approval
Logs.
0
7. You an close password of requested service password by clicking Close link.
8. The following Close Password window is popped up when you click Close link.
9. Click Close Password button to close the service password.
 Click Cancel button to close the window. The password will not be closed in this case.
6.2.3 Ticket Approved or Rejected Logs
The Approval Logs - Ticket screen helps you to view the logs for the ticket request raised by User. In addition, it
also displays the Ticket Request Approval details such as the name of the Approver, the status of approval, and
date/time requested for access.
Process to view the logs for Ticket:
1. Click Manager tab.
2. Click on Approval logs icon
from the side menu and then select Ticket option.
3. It opens Approvals Logs- Ticket window.
82
Client Manager Guide | Version 4.8.5.0_U3
4. Select Ticket Status, Date From, Date To and click on GO. It display the logs for the specified date range.
5. The following types of Ticket Status are displayed on the list.
Initiated- Initial status of the Tickets.
Approval Pending- Tickets pending for approval.
Approved- Tickets approved by approver.
Rejected- Tickets rejected by approver.
Postponed- Tickets postponed by approver.
Completed- Tickets approval process completed by approver.
Cancelled-Tickets cancelled by approver.
6. Select the number of entries in the Show Entries from the drop down list.
 Search option is available on the right hand side to search the entries directly.
7. The following details are displayed on Approval Logs - Ticket screen.
Field Name
Description
Ticket No.
Displays the Ticket No. assigned to the raised request.
LOB
Displays the LOB.
Ticket Status
Displays the status of ticket.
Remarks
Displays the remarks.
Requested By
Displays the name of User raising ticket request.
Executor
Displays the name of the Executor.
Service Group
Displays the service group selected by User while raising request.
Service
Displays the details of service.
Ticket Type
Activity Type
Start Time
Displays the type of ticket selected by User while raising request.
Displays the type of activity selected by User while raising request.
Displays the date and time from which ticket will be valid.
83
Client Manager Guide | Version 4.8.5.0_U3
Field Name
Description
End Time
Displays the date and time to which ticket will be valid.
Approval Status
Displays the status of ticket request.
84
Client Manager Guide | Version 4.8.5.0_U3
7 User Access Review
User Access Review is a review mechanism. This mechanism helps to review the services access provided to
Users.

• Client User having Manager Menu Display and User Access Reviewer privilege will be able to
view User Access Review option.
• Whereas, the Administrator having User Access Reviewer privilege in Group Admin
Privileges , shall be able to review the services mapped to User in Client Manager. In this
process, the Administrator can also preserve or revoke the services mapped to a User.
To approve/ revoke a User Access Review:
To approve/ revoke a User Access Review use the following path:
1. Click Manager tab.
2. Click User Access Review from the left hand side menu.
3. The review details are displayed.
85
Client Manager Guide | Version 4.8.5.0_U3
4. Click View Details. The Review – User Access screen is displayed.
5. The Reviews – User Access screen contains the following fields:
Field Name
User Group
Description
Select User Group.
 Displays the User Groups mapped to Server Group for which review has
been initiated.
Assigned To
Select User.
Access Preserved Displays services which are preserved for access.
86
Client Manager Guide | Version 4.8.5.0_U3
Access Revoked
Displays services which are revoked for access.
Access on Hold
Displays services which are on hold for review.
Buttons
Search Service(s) To search based on the User Group and Assigned To filters.
Check/Uncheck
All
To select/deselect services.
Preserve
To preserve service access.
Hold
To keep service review on hold.
Revoke
To revoke service access.
0
6. Specify required comment in the Comments textfield and click Submit Review.
7. The User Access Review Has Been Successfully Submitted message is displayed.
87
Client Manager Guide | Version 4.8.5.0_U3
8 View Access Logs
Access Logs allows the Admin/Approver to view the activity performed by user on services through video log.

• Client User having Manager Menu Display privilege will be able to view Access Logs option.
• User having View Server Access Log privilege will be able to view details of activity performed
by user on services.
• User having View Server Access Log Details privilege will be able to view details of
activity performed by user on services through video log.
Process to view access logs:
1. Click Manager tab.
2. Click Access Logs icon from the navigation menu.
3. It opens the Access Logs window.
88
Client Manager Guide | Version 4.8.5.0_U3
4. Select LOB, Date From, Date To from the drop down list.
5. Enter Service/IP Address and Service Reference No from the drop down list.
 Service/IP Address and Service Reference Number if known by the Admin is sufficient to pull
down the logs from the server.
6. Select the number of entries in the Show Entries from the drop down list.
 Search option is available on the right hand side to search the entries directly.
7. Click Submit. It opens the details for the selected logs.
8. Click Details. It opens the video log for the selected User ID.
89
Client Manager Guide | Version 4.8.5.0_U3
9 Reports
ARCON PAM provide reports to the privileged user of different transactions in ARCON PAM such as
dashboard, group reports, LOB reports, logs, performance reports, privilege reports, security reports, service
reports, user reports, and Vault reports. Reports are fetched from Client Manager. User can export these
reports in .xls, .doc, .csv, and .pdf file format. Reports can be generated automatically on a daily, weekly, or
monthly basis based on the scheduler configured in Server Manager (Refer Scheduler Master and Schedule
Reports for detailed information).
Following are the reports generated in ARCON PAM:
•
•
•
•
•
•
•
•
•
•
Dashboard
Group Reports
LOB Reports
Logs
Performance Reports
Privilege Reports
Security Reports
Service Reports
User Reports
Vault Reports
9.1 Exported Reports
This section helps you to view the list of reports processed or requested for download. Exported Reports will
help you to download or delete the report record wise from the list.
To view list of reports processed for download, use the following path:
Reports → Exported Reports
1. Click Exported Reports. The My Report Downloads screen is displayed, wherein it shall display list of all
the download requests processed by User.
90
Client Manager Guide | Version 4.8.5.0_U3
2. Click Download icon, to download and save the report.
3. Click Delete icon, to delete the report from the list.
For example, The User shall follow the below steps to view the download request raised for Service Group
Report in Exported Reports screen.
1. User shall select type of export and click
icon. The following message pop up is displayed.
91
Client Manager Guide | Version 4.8.5.0_U3
2. Select Email Notification checkbox and enter the required Email Id.
3. Click Submit. The download request will be processed and will appear in the Exported Reports screen.
92
Client Manager Guide | Version 4.8.5.0_U3
4. You can view the report details and then click any export type
displayed on the right
side corner of the screen. The download request will be processed and will be available for download in
Exported Reports screen.
9.2 Dashboard Reports
Dashboard displays a graphical view of real time user interfaces of different activities performed in ARCON
PAM. In other words, it displays the graphical view of user’s access to the services in terms of commands fired,
password rotation, and status of password security. The Dashboard palette further provides links to view and
filter the various reports that are running in ARCON PAM application.
•
•
•
•
•
ARCOS Live
ARCOS PerfMonIT
Enterprise Password Report
Live Server Sessions
User Access & Usage
9.2.1 ARCOS Live
ARCOS Live displays the count and details of users logging into the application, the servers accessed by the
users, commands fired by the users, critical commands fired, and restricted commands fired by users. It displays
only the last five hour details of the users.
 Users having ARCOS Live privilege will be able to view ARCOS Live dashbaord.
Process to view ARCOS Live dashboard:
1. Click the Reports menu.
2. From the left navigation menu, click Dashboard option.
3. Click ARCOS Live link.
93
Client Manager Guide | Version 4.8.5.0_U3
4. A new window Dashboard Live opens.
5. Dashboard Live window displays the number of attempts made by the user to access the service in
graphical form.
6. The X-axis represents the Time and Y-Axis represents the Number of Attempts.
7. To get detail information about the Dashboard Live navigate the cursor on the desired coordinate
points. The selected coordinate points will display information about the number of User Login, Services
Accessed, Commands Fired both Critical and Non-Critical and Restricted Commands.
94
Client Manager Guide | Version 4.8.5.0_U3
8. In the above figure you can see that at 10:53:00 AM on 10/6/2016 there were only two User Logged in,
zero Service Accessed, Zero Command Fired both Critical and Non-Critical and zero Restricted
Commands.
 On the extreme right-hand side of the report window, Refresh Dashboard button is available.
Click on it to refresh the respective report.
Process to search any Reports:
1. Click the Reports menu. All the available reports whose privileges are assigned will be available on the
left navigation menu.
2. Click the
icon.
3. The Search option is displayed below the ARCON PAM logo.
4. You can enter the report name and click on the Search icon, to search the respective report.
95
Client Manager Guide | Version 4.8.5.0_U3
9.2.2 ARCOS PerfMonIT
The ARCOS PerfMonIT displays the graphical view of the performance of ARCON PAM server. It displays the
status of all the services on ARCON PAM Servers. In addition, it displays the percentage of CPU, RAM, and Disk
Utilization of servers in ARCON PAM.
The following are the list of services in ARCOS Server Performance:
•
•
•
•
•
•
•
•
•
•
ARCOS Alert Service
ARCOS Log Manager Servicer
ARCOS Log Manager Service ONS
ARCOS SPC Service
ARCOS Desk Insight Master
ARCOS PerfMonIT
ARCOS SIEM Connector Service
ARCOS Log Archiver Service
ARCOS DB Sync Service
ARCOS Folder Sync Service
 User having ARCOS PerfMonIT privilege will be able to view ARCOS PerfMonIT dashboard.
Process to view ARCOS PerfMonIT report:
1. Click Reports menu.
2. From the left navigation menu, click Dashboard option.
3. Click ARCOS PerfMonIT link.
96
Client Manager Guide | Version 4.8.5.0_U3
4. Click Reports menu.
5. It opens PerfMonIT window which displays the ARCOS Server Performance.
6. Click Reports menu.
7. Click on PR (Production) tab. It displays the detail description of the server, which includes its Host
Name, IP Address, Operating System, Processor, Total Memory, and Total Disk Space utilized by the
Application.
97
Client Manager Guide | Version 4.8.5.0_U3
8. Click on DR (Disaster Recovery) tab. It displays the following screen.
98
Client Manager Guide | Version 4.8.5.0_U3
9. On the right hand-side, it displays the graphical view of CPU Utilization, RAM Utilization and Disk
Utilization of all three servers (Application server, Vault Server and Gateway server).
10. Drag and navigate the cursor anywhere on the graph. It displays the percentage of utilization.
99
Client Manager Guide | Version 4.8.5.0_U3
9.2.3 Enterprise Password Report
Enterprise Password report displays the frequency of scheduled and changed ratio of password rotation of last
three months in ARCON PAM, status of compliant and non compliant password policy compliance, status of
secured and open password security status in ARCON PAM, status of success and failure rate of password
change process and upcoming password review. User can view the dashboard for respective LOB and service
group specifications.
 User having Enterprise Password privilege will be able to view Enterprise Password dashboard.
Process to view Enterprise Password report:
1. Click Reports menu.
2. From the left navigation menu, click Dashboard option.
3. Click Enterprise Password link.
4. It opens the Enterprise Password Dashboard window.
100
Client Manager Guide | Version 4.8.5.0_U3
5. Select the LOB and Service Group.
6. Based on the selected LOB and Service group, it displays the graphical view of Password Rotation
Frequency, Password Policy Compliance Status, Password Security Status, Password Change SuccessFailure Rate and Upcoming Password Review.
7. Drag and Navigate the cursor anywhere on the graph to view the exact count details.
8. The above figure shows the changed password and the Scheduled password of Jul 2016 in Password
Rotation Frequency graph.
101
Client Manager Guide | Version 4.8.5.0_U3
9.2.4 Live Server Sessions
This dashboard displays the list of live sessions taken through ARCON PAM. In other words, it displays the list
of servers accessed by user (both critical and non-critical). User can view the dashboard for the respective
LOB / Profile and Service Group. In addition, it also displays the graphical view of number of services accessed
by users and privileged ID’s.
 User having Live Server Sessions privilege will be able to view Live Server Sessions dashboard.
Process to view Live Server Sessions report:
1. Click Reports menu.
2. From the left navigation menu, click Dashboard option.
3. Click Live Server Session link.
4. It opens the Live Server Sessions window.
102
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB and Service Group.
6. Based on the selected LOB and Server Group, it displays the number of servers accessed by users.
9.2.5 User Access & Usage
This dashboard displays the graphical representation of number of time servers accessed and critical command
usage based on the selected LOB and Service group details. Firstly, it displays the count of number of times
critical servers have been accessed in Critically Based User Activity Graph, the same is displayed in time-based
manner in Time based User Activity Graph and service-type wise in Services Access Graph. The High Usage
Service Accounts graph displays the servers which are highly accessed.
 User having User Access & Usage privilege will be able to view User Access & Usage dashboard.
103
Client Manager Guide | Version 4.8.5.0_U3
Process to view User Access and Usage report:
1. Click Reports menu.
2. From the left navigation menu, click Dashboard option.
3. Click User Access and Usage link.
4. It opens the User Access and Usage Dashboard window.
104
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB and Service Group.
6. Based on selected LOB and Service Group, it displays the graphical view of number of time servers
accessed and critical command usage.
7. Drag and Navigate the cursor anywhere on the graph to view the exact count details.
105
Client Manager Guide | Version 4.8.5.0_U3
8. The above figure displays the exact count of the server accessed in the month of August, September, and
October of low critical status.
9.3 Group Reports
Group reports generates details of all the groups such as service groups and user groups created in ARCON
PAM. It displays details such as the name of the group, name of the user who has created the group and date &
time on which the group is created.
Following are the reports in Group Reports:
•
•
•
•
•
Servers In Server Group
Service Group Report
Services in Server Group
User Group Report
Users in User Group
9.3.1 Servers In Server Group
Servers In Server Group is a master report which displays a graphical and grid view details of all the servers
created in a Server Group irrespective of the LOB’s. The details displayed in this report are based on IP Address
of Server. It displays details such as the IP Address of server, hostname, instance, port number, domain name,
name of the service group, and LOB in which service has been created.
 User having Servers In Server Group privilege will be able to view Servers In Server Group report.
Process to view Servers In Server Group report:
1. Click the Reports menu.
2. From the left navigation menu, click Group Reports option and then click Servers In Server Group link.
106
Client Manager Guide | Version 4.8.5.0_U3
3. It displays the following screen.
4. Click View Report button. It displays the graphical view and grid containing details of severs in server
group.
107
Client Manager Guide | Version 4.8.5.0_U3
5. Click
icon, to view those columns which are not displayed because of screen size of the User.
6. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
7. To search for a particular service group, enter the required service group name in the Search text field,
on the right hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
108
Client Manager Guide | Version 4.8.5.0_U3
9.3.2 Service Group Report
Service Group Report is a master report which displays details of all the service groups created in ARCON PAM
irrespective of the LOB’s. It displays details such as the name of the service group, name of the user who has
created the service group and date & time on which the service group has been created.
 User having Service Group Report privilege will be able to view Service Group Report.
Process to view Service Group Report:
1. Click the Reports menu.
2. From the left navigation menu, click Group Reports option and then click Service Group Report link.
3. It displays the following screen.
109
Client Manager Guide | Version 4.8.5.0_U3
4. Click View Report button. The following service group report is generated.
5. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
6. To search for a particular service group, enter the required service group name in the Search text field,
on the right hand side of the screen.
7. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.3.3 Services In Server Group
Services In Server Group is a master report which displays details of all the services created in a Server Group
irrespective of the LOB’s. The details displayed in this report are based on Service Username of Server. It
displays details such as the IP Address of server, username of service, hostname, instance, port number, domain
name, name of the service group, and LOB in which service has been created.
 User having Services In Server Group privilege will be able to view Services In Server Group report.
Process to view Services In Server Group report.
1. Click the Reports menu.
2. From the left navigation menu, click Group Reports option and then click Services In Server Group link.
110
Client Manager Guide | Version 4.8.5.0_U3
3. It displays the following screen.
4. Click View Report button. It displays the graphical view and grid containing details of services in server
group.
111
Client Manager Guide | Version 4.8.5.0_U3
5. Click
icon, to view those columns which are not displayed because of screen size of the User.
6. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
7. To search for a particular service group, enter the required service group name in the Search text field,
on the right hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
112
Client Manager Guide | Version 4.8.5.0_U3
9.3.4 User Group Report
User Group Report is a master report which displays details of all the user groups created in ARCON PAM
irrespective of the LOB’s. It displays details such as the name of the user group, name of the user who has
created the user group and date & time on which the user group is created.
 User having User Group Report privilege will be able to view User Group Report.
Process to view User Group Report:
1. Click the Reports menu.
2. From the left navigation menu, click Group Reports option.
3. Click User Group Report link.
4. It displays the following screen.
113
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button.The following user group report is generated.
6. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
7. To search for a particular service group, enter the required service group name in the Search text field,
on the right hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.3.5 Users In User Group
Users In User Group is a master report which displays details of all the Users created in a User Group
irrespective of the LOB’s. It displays details such as the name of the user, display name of user, name of user
group, domain in which user has been created, and type of user.
 User having Users In User Group privilege will be able to view Users In User Group report.
Process to view Users In User Group report:
1. Click the Reports menu.
2. From the left navigation menu, click Group Reports option.
3. Click Users In User Group link.
114
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Click View Report button. It displays the graphical view and grid containing details of Users in user
group.
115
Client Manager Guide | Version 4.8.5.0_U3
6. Click
icon, to view those columns which are not displayed because of screen size of the User.
7. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
8. To search for a particular service group, enter the required service group name in the Search text field,
on the right hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
116
Client Manager Guide | Version 4.8.5.0_U3
9.4 LOB Reports
LOB reports helps you to generate a graphical view and exact count of groupwise details of users and services
which are active and inactive in ARCON PAM. In addition, it also displays the detailed description of all the
LOB’s created in ARCON PAM, description of object’s mapped to LOB, and LOB wise status of unique IP
addresses and services.
Following are the reports in LOB Reports:
•
•
•
•
•
•
•
Active Services Group Wise Report
Active Services Report
Active Users Report
Inactive Services Report
LOB Details Report
Object Status Report
Service Count Report
9.4.1 Active Services Group Wise Report
Active Services Group Wise Report displays the list of Active services under a particular Service group. It
displays details such as the LOB, Service type, IP address, Host Name, User ID, Domain Name, DB Instance,
Port, of the username, server IP, Server Host name, Domain name, Port, Description, and the date till when the
Service will remain active.
 User having Active Services Group Wise Report privilege will be able to view Active Services Group
Wise Report.
Process to view Active Services Group Wise Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click LOB Reports option.
Click Active Services Group Wise link.
It displays the following screen.
117
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB, Service Group or Service Type from the drop down list.
6. Click View Report. It displays grid view details of active services under a particular service group.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
118
Client Manager Guide | Version 4.8.5.0_U3

The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.4.2 Active Services Report (LOB wise)
Active Services Report displays details of all servers which are active in ARCON PAM. You can filter the details
on the basis of LOB / Profile and Service Type. It displays details such as username of the service, IP address of
the server, type of service, group name of the service, description of the service, date and time till when the
service is active, name of the Administrator who has mapped the service to LOB, date and time on which the
service was mapped, and date and time when service was last accessed.
 User having Active Services Report privilege (under Reports - LOB Reports) will be able to
view Active Services Report.
Process to view Active Services Report:
1. Click the Reports menu.
2. From the left navigation menu, click LOB Reports option.
3. Click Active Services Report link.
119
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Select the LOB, Service Group or Service Type from the drop down list.
6. Click View Report button. It displays the list of all the active servers in the particular LOB.
120
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.4.3 Active Users Report (LOB wise)
Active Users Report displays details of all users who are active in ARCON PAM. You can filter this report on the
basis of LOB/ Profile and User Group. It displays details such as name of the LOB, description of the LOB, user
ID of the user, name of the user, name of the group, description of the group, date & time till when the user is
active, name of the Administrator who has created the user, date & time on which the user was created, name of
the Administrator who has mapped the user to the LOB, and date & time on which the user was mapped.
 User having Active Users Report privilege (under Reports - LOB Reports) will be able to view Active
Users Report.
Process to view Active Users Report:
1. Click the Reports menu.
121
Client Manager Guide | Version 4.8.5.0_U3
2. From the left navigation menu, click LOB Reports option.
3. Click Active Users Report link.
4. It displays the following screen.
5. Select the LOB or User Group from the drop down list.
6. Click View Report button. It displays the list of all the active users in the particular LOB.
122
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click the

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.4.4 Inactive Services Report
Inactive Services Report displays details of all servers, which are inactive in ARCON PAM. You can filter the
details on the basis of LOB/Profile and Service Type. It displays details such as the name of the LOB, description
of the LOB, username of the service, IP address of the server, type of the service, date and time till when the
service is active, name of the Administrator who has mapped the service to LOB, date and time on which the
service was mapped, and date and time details when the service was last accessed.
123
Client Manager Guide | Version 4.8.5.0_U3
 User having Inactive Services Report privilege will be able to view Inactive Services Report.
Process to view Inactive Services Report:
1. Click the Reports menu.
2. From the left navigation menu, click LOB Reports option.
3. Click Inactive Services Report link.
4. It displays the following screen.
5. Select LOB or Service Type from their drop down list.
6. Click View Report button. It displays the list of all the inactive services in the particular LOB.
124
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.4.5 LOB Details Report
LOB details report displays detailed description of all the LOB created in ARCON PAM. It displays details such
as the name and description of the LOB, address of the LOB, name of the user who has created the LOB, and
date & time on which the LOB is created.
 User having LOB Details Report privilege will be able to view LOB Details Report.
Process to view LOB Details report:
1. Click the Reports menu.
2. From the left navigation menu, click LOB Reports option.
3. Click LOB Details Report link.
125
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Click View Report button. It displays the detailed description of the all LOB created with its creator
name, created date and the address.
126
Client Manager Guide | Version 4.8.5.0_U3
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.4.6 Object Status Report
Object Status report displays a graphical view of LOB wise mapping of object. In addition, it displays the exact
count of all the object’s mapped to LOB. It displays details such as name of the LOB, description of the LOB,
count of active and inactive users mapped to LOB, count of active and inactive services mapped to LOB, count
of unique IP address of active and inactive services mapped to LOB, count of user groups and service groups
mapped to LOB.
 User having Object Status Report privilege will be able to view Object Status Report.
Process to view Object Status Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click LOB Reports option.
Click Object Status Report link.
It displays the following screen.
127
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button. It displays the graphical view of LOB wise object mapping.
6. It also displays the exact count of object mapping in the grid.
128
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of record
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.4.7 Service Count Report
Service Count Report displays the graphical view of LOB wise status of unique IP address and services. It
displays details such as name of the LOB, description of LOB, type of service, count of active and inactive
services, and count of unique IP addresses of active and inactive services.
 User having Service Count Report privilege will be able to view Service Count Report.
Process to view Service Count Report:
1. Click Reports menu.
2. From the left navigation menu, click LOB Reports option.
3. Click Service Count Report link.
4. It displays the following screen.
129
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button. It displays the graphical view of LOB wise status of unique IP address and
services.
130
Client Manager Guide | Version 4.8.5.0_U3
6. It also displays the count of active/inactive service and unique IP address(s) in the grid.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.5 Logs
Log reports generates reports of activities performed in ARCON PAM with detailed information. In this section
user can view and download various logs reports.
Following are the logs in Logs Report:
•
•
•
•
•
•
•
•
•
•
Approval Delegation Report
Day Wise Summary Report
LOG Review Report
Service Access Log
Service Password Request Workflow Logs
Service Request Workflow Logs
Session Activity Log
Session Wise Summary Report
Ticket Request Workflow Log
User Access Review Processes
9.5.1 Approval Delegation Report
Delegation is the process where sharing or transfer of authority and the associated responsibility, from an
employer or superior (approver who has the right to delegate) to an employee or subordinate is performed.
Approval Delegation report is used to generate logs of delegation passed to/by, based on any particular LOB. It
displays details such as status of the delegated operation, name of the approver who has assigned the
delegation, name of the approver to whom the delegation is assigned, type of approval, date & time (start date
and end date) to approve the request, status of the delegation, name of the approver who has created the
delegation, date & time on which the delegation was created, name of the approver who has modified the
delegation, and date & time on which the delegation was modified.
 User having Approval Delegation Report privilege will be able to view Approval Delegation Report.
Process to view Approval Delegation Report:
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
131
Client Manager Guide | Version 4.8.5.0_U3
3. Click Approval Delegation Report link.
4. It displays the following screen.
5. Select LOB from the drop down list.
6. Click View Report button. It displays detail information of created, modified, and deleted delegations.
132
Client Manager Guide | Version 4.8.5.0_U3
 To know more about Delegation, refer Delegation from Access Menu section.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.5.2 Day Wise Summary Report
Day Wise Summary Report displays date and time wise count of activities performed on Server. It displays
details such as date, time slot, count of sessions accessed, count of Users who accessed servers, count of critical
commands executed on server, count of restricted commands executed on server, count of passwords open in
this time slot, and count of restricted processes executed on server.
 User having Day Wise Summary Report privilege will be able to view Day Wise Summary Report.
Process to view Day Wise Summary Report:
133
Client Manager Guide | Version 4.8.5.0_U3
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
3. Click Day Wise Summary Report link.
4. It displays the following screen.
5. Click View Report button. It displays count of activities performed on Server.
134
Client Manager Guide | Version 4.8.5.0_U3
6. Click
icon, to view those columns which are not displayed because of screen size of the User.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.5.3 LOG Review Report
Log Review Report displays details of all the users who have accessed or viewed the logs generated in ARCON
PAM. In addition, it displays the graphical view of number of times the users have accessed the logs It displays
details such as the name of the log, type of access, name of the user who has viewed the log, display name of the
user, the connecting port number, user machine IP, service was logged in and logged out; and date & time on
which the log details were accessed.
 User having Log Review Report privilege will be able to view Log Review Report.
135
Client Manager Guide | Version 4.8.5.0_U3
Process to view Log Review Reports:
1. Click Reports menu.
2. From the left navigation menu, click Logs option.
3. Click Log Review Report link.
4. It displays the following screen.
5. Select LOB from drop down list or select/enter date in Date From and Date To fields.
 To Search for records based on specific user id, enter the user id in the User ID text field.
6. Click View Report button. It displays a graphical view and grid of various log.
136
Client Manager Guide | Version 4.8.5.0_U3
 Type column will give details whether the log has been viewed or the details of the log was
viewed by right clicking on the services and choosing the show details option in the Process
Logs/Command Logs/Service Logs present in the Server Manager.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.5.4 My Vault Log
My Vault Log report displays the list of all the activities performed in the File Vault. It displays details such as
filename, extension, size, status, added by, addedon, sharedon, shared with, File Available till, Deleted by,
Deleted on and Recorded on.
137
Client Manager Guide | Version 4.8.5.0_U3
Process to view My Vault Log:
1. Click Reports menu.
2. From the left navigation menu, click Logs option.
3. Click the My Vault Logs link, it displays the following screen.
4. Select enter date in Date From and Date To field or Search for a particular User ID.
5. Click View Report button. It displays detailed information of My Vault log.
138
Client Manager Guide | Version 4.8.5.0_U3
6. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. Click the
icon to see details such when the file was recorded and when it was deleted.
9. To pin the report to Dashboard, click
10. click
icon.
icons displayed on the right side corner of the screen to select the file type for exported reports . The
download request will be processed and will be available for download in Exported Reports screen.

The file naming convention for exported report will be Report name_LOB name.
For downloaded reports, refer Exported Reports section.
9.5.5 Service Access Log
Service Access Log displays details of all the services accessed by the users based on the user/service group,
user Id, and service/server IP. It displays details such as Id of the user, user machine details, type of service, IP
address of service accessed, name of user who has accessed the service, reference number of service, domain
name of service, hostname of service, description1, description2, date and time on which the service is accessed
and logged out, and total session duration in minutes. It also includes the details entered or selected by User
before accessing the Service.
 User having Service Access Log privilege will be able to view Service Access Log report.
Process to view Service Access Log:
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
139
Client Manager Guide | Version 4.8.5.0_U3
3. Click Service Access Log link.
4. It displays the following screen.
5. Select LOB, User Group or Service Group from their drop down list or select/enter date in Date
From and Date To fields.
 To search records based on a specific user Id and service/server IP, enter the required user ID or
server IP in the User ID and Server IP text field respectively.
6. Click View Report button. It displays detailed information about various services accessed.
140
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
141
Client Manager Guide | Version 4.8.5.0_U3

The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.5.6 Service Password Request Workflow Logs
Service Password Request Workflow logs displays details of all the user service password requests raised by
users. It displays details such as the name of the LOB, name of the User who has raised the request, date & time
on which the request was raised, description of the request, type of service, service IP address, domain name,
username of service, DB instance, date and time when password will be sent to User's mailbox, number of hours
password will be open, date and time till when password will be open, current approval level, number of
configured approval levels, the configured approver's username, approval status, status updated date and time,
and the final approval status.
 User having Service Password Request Workflow Logs privilege will be able to view Service
Password Request Workflow Logs report.
Process to view Service Password Request Workflow Log:
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
3. Click the Service Password Request Workflow Logs link.
4. It displays the following screen.
142
Client Manager Guide | Version 4.8.5.0_U3
5. Select the LOB from the drop down list or select/enter date in Date From and Date To field.
6. Click View Report button. It displays detailed information of service password request workflow log.
143
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.

The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
144
Client Manager Guide | Version 4.8.5.0_U3
9.5.7 Service Request Workflow Log
Service Request Workflow logs displays details of all the user service requests raised by users. It displays
details such as the name of the LOB profile, name of the user who has processed the request, date & time on
which the request has been raised, description of the request, type of service access, IP address of the service,
domain name, username of the service, DB instance name of the service, and date & time (from date and end
date) on which the access is requested.
 User having Service Request Workflow Logs privilege will be able to view Service Request Workflow
Logs report.
Process to view Service Request Workflow Log:
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
3. Click the Service Request Workflow Logs link.
4. It displays the following screen.
145
Client Manager Guide | Version 4.8.5.0_U3
5. Select the LOB from the drop down list or select/enter date in Date From and Date To field.
6. Click View Report button. It displays detailed information of service request workflow log.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
146
Client Manager Guide | Version 4.8.5.0_U3
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.5.8 Session Activity Log
Session Activity Log report displays the reason why the current user switched to another User in on-going
session. It displays details such as name of the user, domain name, hostname, port number, user input or the
reason to switch to another session, date and type of activity.
 User having Session Activity Log privilege will be able to view Session Activity Log report.
Process to view Session Activity Log:
1. Click Reports menu.
2. From the left navigation menu, click Logs option.
3. Click the Session Activity Logs link.
4. It displays the following screen.
147
Client Manager Guide | Version 4.8.5.0_U3
5. Select the LOB from the drop down list or select/enter date in Date From and Date To field.
6. Click View Report button. It displays detailed information of session activity log.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.5.9 Session Wise Summary Report
Session Wise Summary Report displays session wise count of activities performed on Server along with details
of service. It displays details such as session ID, count of image count, count of critical commands executed in
the session, count of restricted commands executed in the session, count of restricted processes executed in
the session, start date and time of session, end date and time of session, User log ID, user name of service, name
of domain, instance, port number, server host name, and IP address of server.
 User having Session Wise Summary Report privilege will be able to view Session Wise Summary
Report.
Process to view Session Wise Summary Report:
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
148
Client Manager Guide | Version 4.8.5.0_U3
3. Click Session Wise Summary Report link.
4. It displays the following screen.
5. Click View Report button. It displays session wise count of activities performed on Server.
149
Client Manager Guide | Version 4.8.5.0_U3
6. Click
icon, to view those columns which are not displayed because of screen size of the User.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
150
Client Manager Guide | Version 4.8.5.0_U3
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.5.10 Ticket Request Workflow Log
Ticket Request Workflow Log displays details of all the ticket request raised by users in a LOB. It displays details
such as name of the LOB profile, ticket ID, ticket number, status of ticket request, type of ticket, type of activity,
service group name, server domain name, server instance, port number of server, and name of the originator
who has raised the request.
 User having Ticket Request Workflow Logs privilege will be able to view Ticket Request Workflow
Logs report.
Process to view Ticket Request Workflow Log:
1. Click Reports menu.
2. From the left navigation menu, click Logs option.
3. Click the Ticket Request Workflow Logs link.
4. It displays the following screen.
151
Client Manager Guide | Version 4.8.5.0_U3
5. Select the LOB from the drop down list or select/enter date in Date From and Date To field.
6. Click View Report button. It displays detailed information of ticket request workflow log.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
152
Client Manager Guide | Version 4.8.5.0_U3
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.5.11 User Access Review Processes
User Access Review Processes displays details of all the user access review processes created by Users. It
displays details such as description of user access review, date on which review was last initialized, next review
date, approver due date, current status of review process, user who created the review process, date and time
when review was initiated, and user access review service details.
 User having User Access Review Processes privilege will be able to view User Access Review
Processes report.
Process to view User Access Review Processes:
1. Click the Reports menu.
2. From the left navigation menu, click Logs option.
3. Click the User Access Review Processes link.
4. It displays the following screen.
153
Client Manager Guide | Version 4.8.5.0_U3
5. Select the LOB and Service Group from the respective drop down list.
6. Click View Report button. It displays detailed information of user access review processes.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
154
Client Manager Guide | Version 4.8.5.0_U3

The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.6 Performance Reports
Performance Reports are the report which discovers the performance of the application. It helps the user to
view the performance details of MS SQL services and details of newly added desktops integrated in ARCON
PAM.
Following are the reports in Performance Reports:
• MS SQL Connection Report
• New ARCON PAM DeskInsight Services
9.6.1 MS SQL Connection Report
MS SQL Connection Report displays details of all the users connected to the MS SQL (Microsoft Sequel)
instance on ARCON PAM database server. It displays details such as name of the database to which the service
is integrated, username of the service, and the count of the type of the connections that are made to the MS
SQL instance on ARCON PAM database server.
 User having MS SQL Connection Report privilege will be able to view MS SQL Connection Report.
Process to view MS SQL Connection Report:
1. Click the Reports menu.
2. From the left navigation menu, click Performance Reports option.
3. Click the MS SQL Connection Report link.
4. It displays the following screen.
155
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button. It displays details of all the users connected to the MS SQL (Microsoft Sequel)
instance on ARCON PAM database server.
6. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
156
Client Manager Guide | Version 4.8.5.0_U3
9.6.2 New ARCON PAM DeskInsight Devices
ARCON PAM DeskInsight master is a service that helps to fetch the details of desktops integrated in ARCON
PAM. New ARCON PAM DeskInsight Devices report displays newly added desktops in Organizational Unit
(OU) of Windows Active Directory. It displays details such as host name of the desktop, type of device, name of
the service, and date & time on which the device was last discovered by the service in ARCON PAM.
 User having New ARCON DeskInsight Devices privilege will be able to view New ARCON DeskInsight
Devices report.
Process to view New ARCON PAM DeskInsight Devices Report:
1. Click the Reports menu.
2. From the left navigation menu, click Performance Reports option.
3. Click the New ARCON PAM DeskInsight Devices link.
4. It displays the following screen.
157
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button. It displays details of newly added desktops in Organizational Unit (OU) of
Windows Active Directory.
6. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
158
Client Manager Guide | Version 4.8.5.0_U3
9.7 Privilege Reports
Privilege is a permission granted to users to perform any action. Privilege Reports displays details of privileges
assigned to Client or Admin users.
Following are the reports in Privilege Reports:
•
•
•
•
Client Manager Privilege Report
Group Admin Privilege Report
Server Manager Privilege Report
User and Service Privileges – Windows RDP
9.7.1 Client Manager Privilege Report
Client Manager Privilege Report displays the graphical, grid view and count of client manager privileges
assigned to Client or Admin users. It displays details such as name of the user, name of the privilege group, and
name of the privilege assigned to user.
 User having Client Manager Privilege Report privilege will be able to view Client Manager Privilege
Report.
Process to view Client Manager Privilege Report:
1. Click the Reports menu.
2. From the left navigation menu, click Privilege Reports option.
3. Click Client Manager Privilege Report link.
4. It displays the following screen.
159
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB from LOB drop down list.
 To search records based on a specific user ID, enter the user ID in the User ID text field.
6. Click View Report button. It displays a graphical view and grid containing the details of client manager
privileges assigned to Client and Admin users.
160
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.7.2 Group Admin Privilege Report
Group Admin Privilege Report displays the graphical, grid view and count of group admin privileges assigned to
Admin Users. It displays details such as name of the Admin User, name of the privilege group, and name of the
privilege assigned to Admin User.
 User having Group Admin Privilege Report privilege will be able to view Group Admin Privilege
Report.
Process to view Group Admin Privilege Report:
1. Click the Reports menu.
2. From the left navigation menu, click Privilege Reports option.
3. Click Group Admin Privilege Report link.
4. It displays the following screen.
161
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB from LOB drop down list.
 To search records based on specific user ID, enter the user ID in the User ID text field.
6. Click View Report button. It displays a graphical view and grid containing details of group admin
privileges assigned to Admin users.
162
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.7.3 Server Manager Privilege Report
Server Manager Privilege Report displays the grid view and count of server manager privileges assigned to
Admin Users. It displays details such as name of the Admin User, name of the Privilege Group, and name of the
privilege assigned to Admin User.
 User having Server Manager Privilege Report privilege will be able to view Server Manager Privilege
Report.
Process to view Server Manager Privilege Report:
1. Click the Reports menu.
2. From the left navigation menu, click Privilege Reports option.
3. Click Server Manager Privilege Report link.
4. It displays the following screen.
163
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB from LOB drop down list.
 To search the records based on a specific user ID, enter the user ID in the User ID text field.
6. Click on View Report button. It displays a grid view details of Server Manager privileges assigned to
Admin Users.
164
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.7.4 User and Service Privileges - Windows RDP
User and Service Privileges – Windows RDP report displays a graphical view and count of command privileges
assigned to Client or Admin users, which are mapped to Windows RDP (Remote Desktop Protocol) service
type. It displays details such as name of the user, IP address of the service, host name of the service, host user
name of the service, command assigned to users, name of the Admin user who has assigned the command, and
date & time on which the command is assigned.
 User having User & Service Privileges - Windows RDP privilege will be able to view User & Service
Privileges - Windows RDP report.
Process to view User & Service Privileges – Windows RDP:
1. Click Reports menu.
2. From the left navigation menu, click Privilege Reports option.
3. Click User & Service Privileges – Windows RDP link.
4. It displays the following screen.
165
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB or Service Group from their respective drop down list.
6. Click View Report button. It displays a graphical view and grid containing details of commands assigned
to users which are mapped to Windows RDP service type.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
166
Client Manager Guide | Version 4.8.5.0_U3
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8 Security Reports
Security Reports are reports, which discovers the security of ARCON PAM. It displays details of commands
execution, usage of services, and login attempts made by user.
Following are the reports in Security Reports:
•
•
•
•
•
•
•
•
•
•
Critical Commands Executed Report
High Usage Service Report
Invalid Login Attempts Report
Low Usage (in days) Service Report
Multiple Desktop Logon Report
Multiple User Logon Report
Network Segment wise Logon Report
Restricted Commands Executed Report
Service Accessed – Multiple Times Report
User Service Accessed – Multiple Times Report
9.8.1 Critical Commands Executed Report
Critical Commands Executed Report displays a graphical and grid view of all the critical commands executed on
servers. Critical commands are already defined prior from Server Manager as per the companies policy. It
displays details such as name of the user who has executed the command, display name of the user, IP address
of the desktop, type of service, IP address of service, user name of the service, DB instance of the service, name
of the command executed by user, status of the command, and date & time on which the command is executed.
 User having Critical Commands Executed Report privilege will be able to view Critical Commands
Executed Report.
Process to view Critical Commands Executed Report:
1. Click Reports menu.
2. From the left navigation menu, click Security Reports option.
167
Client Manager Guide | Version 4.8.5.0_U3
3. Click Critical Commands Executed Report link.
4. It displays the following screen.
5. Select LOB from the drop down list or select/enter date in Date To and Date From field.
 To search records based on a specific user group or service type, select the User
Group and Service Type from the drop down list respectively.
6. Click View Report button. It displays the graphical view and grid containing details of critical commands
executed on servers.
168
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.2 High Usage Service Report
High Usage Service Report displays the count of services, which are highly accessed. It displays details such as
type of service, IP address of the service, user name of the service, number of times service is accessed between
169
Client Manager Guide | Version 4.8.5.0_U3
30-60 minutes, number of times service is accessed between 1-2 hours, and number of times service is
accessed more than two hours.
 User having High Usage (in hrs) Services Report privilege will be able to view High Usage (in hrs)
Services Report.
Process to view High Usage Service Report:
1. Click Reports menu.
2. From the left navigation menu, click Security Reports option.
3. Click High Usage (in hrs) Services Report link.
4. It displays the following screen.
5. Select LOB from the drop down list or select/enter date in Date From and Date To field.
170
Client Manager Guide | Version 4.8.5.0_U3
 To search records based on a specific Server IP, enter the server IP in the Service/ Server IP text
field.
6. Click View Report button. It displays the grid containing details of services which are highly accessed.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.3 Invalid Login Attempts Report
Invalid Login Attempts Report displays a graphical and grid view of count/number of invalid login attempts
made by user. It displays details such as name of the user, domain name of the user, details of the machine/
desktop, module name, user identification (valid/invalid username), comment details, total number of invalid
attempts, and date & time on which the user tried to login.
 User having Invalid Login Attempts Report privilege will be able to view Invalid Login Attempts
Report.
Process to view Invalid Login Attempts Report:
171
Client Manager Guide | Version 4.8.5.0_U3
1. Click Reports menu.
2. From the left navigation menu, click Security Reports option.
3. Click Invalid Login Attempts Report link.
4. It displays the following screen.
5. Select Date From and Date To from their drop down list respectively.
6. Click View Report button. It displays the graphical view and grid containing the details of number of
invalid login attempts made by the user.
172
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.8.4 Low Usage (in days) Service Report
Low Usage (in days) Service Report displays the graphical and gird view of count/number of servers, which are
accessed rarely. It displays details such as type of service, IP address of service, username of service, date &
time on which the service is last accessed, and number of days the service is not accessed.
 User having Low Usage (in days) Services Report privilege will be able to view Low Usage (in days)
Services Report.
Process to view Low Usage (in days) Service Report:
173
Client Manager Guide | Version 4.8.5.0_U3
1. Click Reports menu.
2. From the left navigation menu, click Security Reports option.
3. Click Low Usage (in days) Service Report link.
4. It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From field from which you want
to view the low usage services.
6. Click View Report button. It displays the graphical view and grid containing details of low usage services.
174
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.5 Multiple Desktop Logon Report
Multiple Desktop Logon Report displays a graphical and grid view details of desktop IP used by users to login in
to ARCON PAM. It displays details such as IP address of the desktop and number of users logged in from IP
(Desktop).
 User having Multiple Desktop Logon Report privilege will be able to view Multiple Desktop Logon
Report.
175
Client Manager Guide | Version 4.8.5.0_U3
Process to view Multiple Desktop Logon Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Security Reports option.
Click Multiple Desktop Logon Report link.
It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field.
6. Click View Report button. It displays the graphical view and grid containing details of desktop IP used by
users to login in to ARCON PAM from different IP/desktops.
176
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.6 Multiple User Logon Report
Multiple User Logon Report displays the graphical and grid view details of users who have logged into ARCON
PAM from different IP/desktops. It displays details such as name of the user, display name of the user, and total
number of desktops used by users to login into ARCON PAM.
 User having Multiple User Logon Report privilege will be able to view Multiple User Logon Report.
Process to view Multiple User Logon Report:
177
Client Manager Guide | Version 4.8.5.0_U3
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Security Reports option.
Click Multiple User Logon Report link.
It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field.
6. Click View Report button. It displays the graphical view and grid containing details of users who have
logged into ARCON PAM from different IP/desktops.
178
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.7 Network Segment Wise Logon Report
Network Segment Wise Logon Report displays details of all the users who have logged into ARCON PAM
through any network device configured in Network Segments in Default Configuration. It displays details such
as name of the user, display name of the user, details of the machine/desktop, IP address of the user’s machine,
and name of the network segment device.
179
Client Manager Guide | Version 4.8.5.0_U3
 User having Network Segment Wise Logon Report privilege will be able to view Network Segment
Wise Logon Report.
Process to view Network Segment Wise Logon Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Security Reports option.
Click Network Segment Wise Logon Report link.
It displays the following screen.
5. Select Date from and Date To from their drop down list respectively.
6. Click View Report button. It displays details of all the users who have logged into ARCON PAM through
any network device.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
180
Client Manager Guide | Version 4.8.5.0_U3
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.8.8 Restricted Commands Executed Report
Restricted Commands Executed Reports displays details of all the restricted commands executed by user.
Restricted commands are already defined prior from Server Manager as per the companies policy. It displays
details such as name of the user, display name of the user, machine details of user, type of service, IP address of
service, username of service, DB instance of service, name of the restricted command executed by user, status
of the command, and date & time on which the restricted command is executed.
 User having Restricted Commands Executed Report privilege will be able to view Restricted
Commands Executed Report.
Process to view Restricted Commands Executed Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Security Reports option.
Click Restricted Commands Executed Report link.
It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field.
 To search records based on a specific user group or service type, select
the User Group and Service Type from the drop down list respectively.
6. Click View Report button. It displays graphical view and grid containing details of restricted commands
executed by users.
181
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.9 Service Accessed – Multiple Times Report
Service Accessed – Multiple Times report displays a graphical and grid view details of services accessed
multiple times by user. It displays details such as type of service, IP address of service, username of service, DB
instance of service, and number of times the service is accessed.
182
Client Manager Guide | Version 4.8.5.0_U3
 User having Service Accessed - Multiple Times Report privilege will be able to view Service Accessed
- Multiple Times Report.
Process to view Service Accessed – Multiple Times Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Security Reports option.
Click Service Accessed – Multiple Times Report link.
It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field.
6. Click View Report button. It displays a graphical view and grid containing details of services accessed
multiple times by user.
183
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.8.10 User Service Accessed - Multiple Times Report
User Service Accessed – Multiple Times report displays number of times User has accessed services between
defined range. It displays details such as name of the user, display name of the user, and number of times service
is accessed by User.
 User having User Service Accessed - Multiple Times Report privilege will be able to view User Service
Accessed - Multiple Times Report.
184
Client Manager Guide | Version 4.8.5.0_U3
Process to view User Service Accessed – Multiple Times Report
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Security Reports option.
Click User Service Accessed – Multiple Times link.
It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field.
6. Click View Report button. It displays the details of count/number of times user has accessed a particular
server.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
185
Client Manager Guide | Version 4.8.5.0_U3
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.9 Service Reports
A service is an instance of a server. Each user may have a unique requirement of service to perform on the
server. Service Report is used to generate details of services, which are active in ARCON PAM. In addition, it
generates details of reference number provided by the user before accessing any service and unique IP
addresses of services.
Following are the reports in Service Reports:
•
•
•
•
•
•
•
•
•
•
•
•
Active Service Report
Active Sessions Report
Multiple Service Reference Number Report
Password Envelope Print Report
Scheduled Password Change Services
Servers in Domain Report
Service Accessed Summary Day Wise Report
Service Accessed Summary Report
Service Dependency Report
Service Group wise Service Type Report
Services in Domain Report
Unique Services IP Address Report
9.9.1 Active Services Report
Active Service Report is a master report, which displays details of services that are active in ARCON PAM,
irrespective of the LOB’s. It displays details such as name of the LOB, type of service, IP address of service, host
name of service, username of service, domain name of service, DB instance of service, port number of service,
and description of service.
 User having Active Services Report privilege (under Reports - Service Reports) will be able to
view Active Services Report.
Process to view Active Service Report:
1. Click Reports menu.
2. From the left navigation menu, click Service Reports option.
186
Client Manager Guide | Version 4.8.5.0_U3
3. Click Active Services Report link.
4. It displays the following screen.
5. Select type of service from the Service Type drop down list.
6. Click View Report button. It displays the grid containing details of active services in ARCON PAM.
187
Client Manager Guide | Version 4.8.5.0_U3
7. Click
icon, to view those columns which are not displayed because of screen size of the User.
8. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.9.2 Active Sessions Report
Active Sessions Report is a master report which displays details of all the service sessions that are currently
active in ARCON PAM. It displays details such as IP address of the server, username of the user who has taken
the session, display name of the user, type of service, username of the service, and source address of the session
taken by user.
 User having Active Sessions Report privilege will be able to view Active Sessions Report.
Process to view Active Sessions Report:
1. Click Reports menu.
2. From the left navigation menu, click Service Reports option.
188
Client Manager Guide | Version 4.8.5.0_U3
3. Click Active Sessions Report link.
4. It displays the following screen.
5. Click View Report button. It displays details of all the service sessions that are currently active in
ARCON PAM.
189
Client Manager Guide | Version 4.8.5.0_U3
6. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.9.3 Multiple Service Reference Number Report
Multiple Service Reference Number Report displays graphical and grid view details of reference number
provided by the user before accessing any service. It displays details such as name of LOB, name of user, display
name of user, IP address of desktop, type of service, IP address of service, username of service, DB instance of
service, reference number of a service, and total count of reference number used for a service.
 User having Multiple Service Reference No. Report privilege will be able to view Multiple Service
Reference No. Report.
Process to view Multiple Service Reference Number Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Service Reports option.
Click Multiple Service Reference No. Report link.
It displays the following screen.
190
Client Manager Guide | Version 4.8.5.0_U3
5. Select Date From and Date To from their drop down list respectively.
6. Click View Report button. It displays the graphical view and grid containing details of reference number
provided by the user before accessing any service.
191
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.9.4 Password Envelope Print Report
Password Envelope Print Report displays details of Users who have printed password envelope and those who
have verified the process. It displays the details such as name of User who has printed the password envelope,
name of Users who have verified the password envelope printing process, count of service details displayed in
password envelope and date and time details when password envelope was printed.
 User having Password Envelope Print Report privilege will be able to view Password Envelope Print
Report.
Process to view Password Envelope Print Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Service Reports option.
Click Password Envelope Print Report option.
It displays the following screen.
5. Select/enter the date in Date From and Date To fields for which you want to view the password
envelope print details.
192
Client Manager Guide | Version 4.8.5.0_U3
6. Click View Report. It displays details of all the Users who have printed password envelope.
7. It displays the details such as the Envelope Printed By, First Verifier, Second Verifier, Number of Services
and Printed On.
8. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.9.5 Scheduled Password Change Services
Scheduled Password Change Services Report displays details of all the services that are scheduled for
password change process. It displays details such as IP address of the service, host name of the service, domain
name of the service, type of service, name of LOB, service group, date & time on which the password was last
changed, minimum password age of service, maximum password age of service, policy set for the password, and
date & time on which the service was scheduled for password change process.
 User having Scheduled Password Change Services privilege will be able to view Scheduled Password
Change Services report.
Process to view Scheduled Password Change Services Report:
1. Click Reports menu.
2. From the left navigation menu, click Service Reports option.
3. Click Scheduled Password Change Services link.
193
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field.
 To search records based on a specific service group or service type, enter the required details in
the Service Group and Service Type text fields respectively.
6. Click View Report button. It displays details of all the services that are scheduled for password change
process.
194
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.9.6 Servers in Domain
Servers in Domain report displays a graphical and grid view details of all the servers in a domain irrespective of
the LOB’s. The details displayed in this report are based on IP Address of Server. It displays details such as
domain name, IP address of Server, host name of Server, instance, port number, and LOB in which service has
been created.
 User having Servers in Domain Report privilege will be able to view Servers in Domain report.
Process to view Servers in Domain report:
195
Client Manager Guide | Version 4.8.5.0_U3
1. Click Reports menu.
2. From the left navigation menu, click Servers in Domain option.
3. Click Servers in Domain link.
4. It displays the following screen.
196
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button. It displays the graphical view and grid containing details of Servers in Domain.
6. Click
icon, to view those columns which are not displayed because of screen size of the User.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
197
Client Manager Guide | Version 4.8.5.0_U3
 For downloading reports, refer Exported Reports section.
9.9.7 Service Accessed Summary Day Wise Report
Service Access Summary Day Wise Report displays total count of the services accessed on a daily basis. It
displays LOB wise details of the services accessed on a daily basis.
 User having Service Accessed Summary Days Wise Report privilege will be able to view Service
Accessed Summary Days Wise Report.
Process to view Service Accessed Summary Day Wise Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Service Reports option.
Click Service Accessed Summary Day Wise Report link.
It displays the following screen.
5. Select or enter date in Date From and Date To field.
6. Click View Report button. It displays the total count of the services accessed on a daily basis.
198
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.9.8 Service Accessed Summary Report
Services Accessed Summary Report generates a monthly summary report of all the services that are accessed
by the User. It displays details such as name of the LOB and the monthly count of the services accessed by the
User.
 User having Service Accessed Summary Report privilege will be able to view Service Accessed
Summary Report.
Process to view Service Accessed Summary Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Service Reports option.
Click Service Accessed Summary Report link.
It opens the Service Accessed Summary Report window.
199
Client Manager Guide | Version 4.8.5.0_U3
5. Select or enter date in Date From and Date To field.
6. Click View Report button. It displays the monthly count of all the services that are accessed by the User.
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
200
Client Manager Guide | Version 4.8.5.0_U3
9.9.9 Service Dependency Report
Service Dependency Report generates a report of all the services that have dependent services along with the
LOB of the dependent service, and type of dependency. It displays details such as the IP address of the service,
service hostname, username of parent service as well as the name of dependent service.
 User having Service Dependency Report privilege will be able to view Service Dependency Report.
Process to view Service Dependency Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Service Reports option.
Click Service Dependency Report link.
It displays the following screen.
5. Select the particular LOB from the drop down list.
 To search records based on a specific server IP, enter the server IP in the Service/ Server IP text
field.
6. Click View Report button. It displays the list of all the services that have dependent services.
201
Client Manager Guide | Version 4.8.5.0_U3
7. Click
icon, to view those columns which are not displayed because of screen size of the User.
8. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.9.10 Service Group wise Service Type Report
Service Group wise Service Type Report displays Service Types of Services assigned to Service Group. It
displays details such as service group and service type.
 User having Service Group wise Service Type Report privilege will be able to view Service Group wise
Service Type Report .
202
Client Manager Guide | Version 4.8.5.0_U3
Process to view Service Group wise Service Type Report:
1. Click the Reports menu.
2. From the left navigation menu, click Service Reports option.
3. Click Service Group wise Service Type Report from Service Reports link.
4. It displays the following screen.
203
Client Manager Guide | Version 4.8.5.0_U3
5. Click View report button. It displays service types of services assigned to service group.
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
204
Client Manager Guide | Version 4.8.5.0_U3
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.9.11 Services in Domain
Services in Domain report displays a graphical and grid view details of all the services in a domain irrespective
of the LOB’s. The details displayed in this report are based on Service Username. It displays details such as the
domain name of the service, username of service, IP address of service, host name of service, instance, port
number, and LOB in which service has been created.
 User having Services in Domain Report privilege will be able to view Services in Domain report.
Process to view Services in Domain report:
1. Click Reports menu.
2. From the left navigation menu, click Service Reports option.
205
Client Manager Guide | Version 4.8.5.0_U3
3. Click Services in Domain link.
4. It displays the following screen.
5. Click View Report button. It displays the list of all the services in domain.
206
Client Manager Guide | Version 4.8.5.0_U3
6. Click
icon, to view those columns which are not displayed because of screen size of the User.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
207
Client Manager Guide | Version 4.8.5.0_U3
9.9.12 Unique Services IP Address Report
Unique Services IP Address Report displays graphical and grid view details of all the services having unique IP
addresses. It displays details such as type of service, unique IP address of a service, count of services belonging
to the unique IP address, and total number of services that are active or inactive.
 User having Unique Services IP Address Report privilege will be able to view Unique Services IP
Address Report.
Process to view Unique Services IP Address Report:
1.
2.
3.
4.
Click Reports menu.
From the left navigation menu, click Service Reports option.
Click Unique Services IP Address Report link.
It opens the Unique Services IP Address Report window.
5. Select the type of service from the Service Type drop down list.
 To search records based on a specific server IP, enter the server IP in the Service/ Server IP text
field.
6. Click View Report button. It displays the graphical view and grid containing details of all the services
having unique IP address.
208
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from the Show entries drop down list, to display only those numbers of
records in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.10 User Reports
User reports shows all reports related to users whether they are active, inactive, dormant, logged out, etc. The
active and inactive reports which are displayed are basically master reports and hence the LOB option is not
displayed on the screen.
Below are the reports listed under User Reports:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Active Users Report
Consolidated User & Service Mapping Report
Dormant User Report
Dual Factor Auth Configuration Report
Idle Users Report
Inactive Users Report
Last Service Accessed Report
Locked Out User Report
User & Service Mapping Report
User Biometric Auth Report
User Dormant in next 5 day Report
User Hardware Auth Report
User Last Logon Report
User Mobile OTP Auth Report
209
Client Manager Guide | Version 4.8.5.0_U3
• User SMS OTP AUTH Report
9.10.1 Active Users Report
Active Users Report is the master user report which displays details of all users who are active in ARCON PAM
irrespective of the LOB’s. It displays details such as user id, display name of the user, domain of the user, data &
time till when the user is active, the type of user, the name of the Administrator who created the user, the date
& time when the user was created.
 User having Active Users Report privilege (under Reports - User Reports) will be able to view Active
Users Report.
Process to view Active Users Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
3. Click the Active Users Report link.
4. It displays the following screen.
210
Client Manager Guide | Version 4.8.5.0_U3
5. Click View Report button. It displays the details of the active users.
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
211
Client Manager Guide | Version 4.8.5.0_U3
9.10.2 Consolidated User & Service Mapping Report
Consolidated User & Service Mapping Report displays total count of all the services mapped to users. It displays
details such as user id, display name of the user, type of service, and total count of all the services mapped to
users.
 User having Consolidated User & Service Mapping Report privilege will be able to view Consolidated
User & Service Mapping Report.
Process to view Consolidated User & Service Mapping Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
3. Click the Consolidated User & Service Mapping Report link.
4. It displays the following screen.
212
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB from drop down list and click View Report button. It displays total count of all the services
mapped to users.
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.3 Dormant User Report
Dormant User Report displays details of Users who have not used their account for the configured number of
dormancy days in Application Configuration (Default Configuration).
 User having Dormant User Report privilege will be able to view Dormant User Report.
Process to view Dormant User Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
3. Click the Dormant User Report link.
213
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Select LOB or User Group from the available filter.
6. Click View Report button. It displays the list of all the dormant users of the selected LOB.
7. Select the number of entries from Show entries drop down, to display only those numbers of records in
the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
214
Client Manager Guide | Version 4.8.5.0_U3
9.10.4 Dual Factor Auth Configuration Report
Dual Factor Auth Configuration Report displays reports for the users who have configured the dual factor
authorization to make the login process more secure. The report will display the name of the user and whether
they have configured all or any one of the configurations i.e. Mobile OTP, SMS OTP, Biometric and Hardware
Token.
 User having Dual Factor Auth Configuration Report privilege will be able to view Dual Factor Auth
Configuration Report.
Process to view Dual Factor Auth Configuration Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click the Dual Factor Auth Configuration Report link.
It displays the following screen.
5. Select LOB from the drop down list or enter the user id in User ID text field.
 If you know the User Id then you can directly fetch the reports.
6. Click View Report button. It displays the list of Users configured for dual factor authorization.
215
Client Manager Guide | Version 4.8.5.0_U3
7. Click
icon, to view those columns which are not displayed because of screen size of the User.
8. Select the number of entries from Show entries drop down, to display only those numbers of records in
the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.5 Idle Users Report
The Idle User Reports displays list of all the users who are idle for the selected LOB. It displays details such as
the name of the user, the domain name of the user, last logon date & time of the user, the count of days the user
who has not logged in the application and the status of user.
216
Client Manager Guide | Version 4.8.5.0_U3
 User having Idle Users Report privilege will be able to view Idle Users Report.
Process to view Idle Users Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click Idle Users Reports link.
It displays the following screen.
5. Select the LOB from the drop-down list or select/enter the date in Date From field from which you want
to view the idle user details.
6. Click View Report button. It displays the details of the idle users for the selected LOB.
217
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down, to display only those numbers of records in
the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.6 Inactive Users Report
Inactive Users Report is the master user report which displays details of all users who are inactive in ARCON
PAM irrespective of the LOB’s. It displays details such as user id, display name of the user, domain of the user,
data & time till when the user is inactive, the type of user, the name of the administrator who created the user,
the date & time when the user was created.
 User having Inactive Users Report privilege will be able to view Inactive Users Report.
218
Client Manager Guide | Version 4.8.5.0_U3
Process to view Inactive Users Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click Inactive Users Report link.
It displays the following screen.
5. Click View Report button. It displays the details of inactive users.
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
219
Client Manager Guide | Version 4.8.5.0_U3
8. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.10.7 Last Service Accessed Report
Last Service Accessed Report displays details of last service accessed by users. It displays details such as display
name of the user, user id of user, domain name of the user, type of user, date & time on which the service was
accessed, username of the service, and IP address of the service.
 User having Last Service Accessed Report privilege will be able to view Last Service Accessed Report.
Process to view Last Service Accessed Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
3. Click Last Service Accessed By User Report link, it displays following screen.
4. Select LOB from the drop down list and click View Report button. It displays the list of last service
accessed by users.
220
Client Manager Guide | Version 4.8.5.0_U3
5. Select the number of entries from Show entries drop down, to display only those numbers of records in
the grid.
6. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
7. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.8 Locked Out User Report
Locked Out User Report displays details of Users who have tried to login using invalid password and exceeded
the value configured in lockout attempts in Application Configuration (Default Configuration). The reports are
displayed according to the selected LOB. It displays details such as name of the user, the domain of the user,
selected LOB of the user, the type of user, the date and timestamp of the last logged User, the valid date of the
user until when the user will be active and the user group of the User.
Example: If Lockout Attempts is set as 3 and User makes 3 Invalid Attempts to login into Client Manager; then
his ID gets locked and it is added to Lockout Users List under Manage Users. Such user will not be able to Login
into ARCON PAM even with correct password.
 User having Locked Out User Report privilege will be able to view Locked Out User Report.
Process to view Locked Out Users Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
221
Client Manager Guide | Version 4.8.5.0_U3
3. Click Locked Out User Report from User Reports link.
4. It displays the following screen.
5. Select LOB or User Group from the drop down list.
6. Click View report button. It displays the details of the locked out user report.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
222
Client Manager Guide | Version 4.8.5.0_U3
9.10.9 User & Service Mapping Report
User & Service Mapping Report displays the graphical view of LOB wise user’s and services reports that are
mapped to the user group and service group. It displays details such as user id, display name of the user, the
user group in which the user is present, the service type which is assigned to the user, the IP address allotted,
the host name assigned, the service user name, the DB instance of the user, the administrator who has assigned
the service and date and time when the service was assigned to the user.
 User having User & Service Mapping Report privilege will be able to view User & Service Mapping
Report.
Process to view User & Service Mapping Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click User & Service Mapping Report link.
It displays the following screen.
5. Select LOB or User Group from the drop down list or enter Service/ Server IP to pull the report.
 Enter the User ID to generate the report based on the User.
6. Click View Report button. It displays the graphical and grid view details of user and services mapped to
the user group for the selected LOB.
223
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.10 User Biometric Auth Report
User Bio-metric Auth Report displays reports for the users who have configured only the bio-metric
authorization to make the login process more secure. The report will display the user id, display name of the
user, email id of the user, whether the user is configured for bio-metric or not, the mobile number of the user,
the name of the administrator who configured the bio-metric for the user and when was it configured the
timestamp.
224
Client Manager Guide | Version 4.8.5.0_U3
 User having User Biometric Auth Report privilege will be able to view User Biometric Auth Report.
Process to view User Bio-metric Auth Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click User Bio-metric Auth Report link.
It displays the following screen.
5. Select LOB from the drop down list or enter the User ID.
 If user knows the User Id then directly the report is pulled for that user.
6. Click View Report button. It shows the graphical view and displays the details of the bio-metric
configuration for the users.
225
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.11 User Dormant in next 5 day Report
User Dormant in next 5 day Report displays details of Users whose account will be dormant in next 5 days.
Dormancy days are configured in Application Configuration (Default Configuration).
The report displays details such as name of User, display name of User, domain of User, LOB of User, type of
User, date and time when User had last logged in, date and time till when User is valid, and group of User.
226
Client Manager Guide | Version 4.8.5.0_U3
 User having User Dormant in next 5 day Report privilege will be able to view User Dormant in next 5
day Report.
Process to view User Dormant in next 5 day Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
3. Click the User Dormant in next 5 day Report link.
4. It displays the following screen.
227
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB or User Group from the available filter.
6. Click View Report button. It displays the list of Users whose account will be dormant in next 5 days.
7. Select the number of entries from Show entries drop down, to display only those numbers of records in
the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
228
Client Manager Guide | Version 4.8.5.0_U3

The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.12 User Hardware Auth Report
User Hardware Auth Report displays details of the Users who have configured Hardware Token authorization,
to make the login process more secure. It displays details such as the user id, display name of the user, email id
of the user, whether the user is configured for Hardware Token or not, the mobile number of the user, the name
of the Administrator who has configured the Hardware Token for the user and the timestamp details.
 User having User Hardware Auth Report privilege will be able to view User Hardware Auth Report.
Process to view User Hardware Auth Report:
1. Click the Reports menu.
2. From the left navigation menu, click User Reports option.
3. Click User Hardware Auth Report link.
229
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Select LOB from the drop down list.
 Enter the User ID to generate the report based on the user.
6. Click View Report button. It displays the details of the Users who have configured Hardware Token
authorization.
230
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.13 User Last Logon Report
User Last Logon Report displays User’s last logon details into ARCON PAM application. The reports are
displayed according to the selected LOB. It displays details such as name of the user, the domain of the user,
LOB name, the type of user, last login date and timestamp of user, the valid date until when the user is active for
login and the user group name.
231
Client Manager Guide | Version 4.8.5.0_U3
 User having User Last Logon Report privilege will be able to view User Last Logon Report.
Process to view User Last Logon Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click User Last Logon Report link.
It displays the following screen.
5. Select LOB from drop down list and click View Report button. It displays when was the last time the user
had logged into the application.
232
Client Manager Guide | Version 4.8.5.0_U3
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.14 User Mobile OTP Auth Report
User Mobile OTP Auth Report displays details of the Users who have configured mobile authorization, to make
the login process more secure. It displays details such as the user id, display name of the user, email id of the
user, whether the user is configured for mobile or not, the mobile number of the user, the name of the
Administrator who has configured mobile for the user and timestamp details.
 User having User Mobile OTP Auth Report privilege will be able to view User Mobile OTP Auth
Report.
Process to view User Mobile OTP Auth Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click User Mobile OTP Auth Report link.
It displays the following screen.
233
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB from drop down list.
 Enter the User ID to generate the report based on the user id.
6. Click View Report button. It displays the graphical and grid view details of the Users who have
configured mobile authorization.
234
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.10.15 User SMS OTP Auth Report
User SMS OTP Auth Report displays details of the Users who have configured SMS OTP authorization, to make
the login process more secure. It displays details such as user id, display name of the user, email id of the user,
whether the user is configured for SMS OTP or not, the mobile number of the user, the name of the
Administrator who has configured SMS OTP for the user and the timestamp details.
 User having User SMS OTP Auth Report privilege will be able to view User SMS OTP Auth Report.
235
Client Manager Guide | Version 4.8.5.0_U3
Process to view User SMS OTP Auth Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click User Reports option.
Click User SMS OTP Auth Report link.
It displays the following screen.
5. Select LOB from the drop down list.
 Enter the User Id to generate the report for specific user.
6. Click View Report button. It displays details of the Users who have configured SMS OTP authorization.
236
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11 Vault Reports
The vault is the secure storage space for all the password’s in ARCON PAM where the users and services
passwords are saved. The Service Password is the password assigned to each of the services while creating it.
The Vault Reports displays all the reports related to the Service Password.
Below are the reports listed under Vault Reports:
• Current Password Status Report
237
Client Manager Guide | Version 4.8.5.0_U3
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Restore Service Password Option Used
Service Password Age Report
Service Password Change Failed (Server Unavailable) Report
Service Password Changed Status Report
Service Password Changed Success/Failed Report
Service Password Check Out Report
Service Password Envelope Print Status Report
Service Password Expires in 5 Days Report
Service Password Manually Changed Report
Service Password Never Changed Report
Service Password Security Status
Service Password Vaulting Summary Report
SPC not Configured Report
SPC Success and Failed Report
9.11.1 Current Password Status Report
Current Password Status Report displays current status of service password and other password change
details. It displays details such as IP address of service, host name of service, user name of service, DB instance,
port number, type of service, password changed by, password change date and time, maximum password age,
current password age, current password status, account status, date and time when service was last accessed,
whether auto schedule is enabled or not, reason for password change process failure.
 User having Current Password Status Report privilege will be able to view Current Password Status
Report.
Process to view Current Password Status Report:
1. Click the Reports menu.
2. From the left navigation menu, click Vault Reports option.
238
Client Manager Guide | Version 4.8.5.0_U3
3. Click Current Password Status Report link.
4. It displays the following screen.
5. Select Date From and Date To to view details between selected dates. Enter Service / Service IP or
select Service Type from the drop down list.
6. Click View Report button. It displays current status of service password and other password change
details.
239
Client Manager Guide | Version 4.8.5.0_U3
7. Click
icon, to view those columns which are not displayed because of screen size of the User.
8. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
240
Client Manager Guide | Version 4.8.5.0_U3
9.11.2 Restore Service Password Option Used
Restore Service Password Option Used report displays the list of users who used the Restore Service Password
option. It displays details such as the service username, Server IP, Server Host name, Domain name, Port,
Description and Restore Date.
 User having Restore Service Password Option Used privilege will be able to view Restore Service
Password Option Used report.
Process to view Restore Service Password Option Used Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Restore Service Password Option Used link.
It displays the following screen.
5. Enter date in Date From and Date To fields.
6. Click View Report button. It displays list of Services whose passwords have been restored.
241
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.11.3 Service Password Age Report
Service Password Age Report displays the age of the service password i.e. for the number of days the password
of the service is active in ARCON PAM. It displays details such as the IP address of the service, host name of the
service, the user name of the service, the DB instance name, the type of service assigned, short description of
the service, the max age of the password, the current age of the password i.e. the number of days from when
the password was changed, and the group name of the service.

• User having Service Password Age Report privilege will be able to view Service Password Age
Report.
• If the service password is kept in scheduling then the maximum age of the service password to
be changed is displayed in the Max Password Age column.
Process to view Service Password Age Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Age Report link.
It displays the following screen.
242
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB, Service Group or Service Type from the drop down list.
6. Click View Report button. It displays the graphical view and list details of service password age of the
service.
243
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
244
Client Manager Guide | Version 4.8.5.0_U3
9.11.4 Service Password Change Failed (Server Unavailable) Report
Service Password Change Failed (Server Unavailable) Report displays details of all the services whose
password change has failed due to server downtime. It displays the IP address of the service, host name of the
service, the user name of the service, the DB instance name, the type of service assigned, short description of
the service, the name of the Administrator who changed the password, the date & time when the password was
changed and the current status of the failed service password change.
 User having Service Password Change Failed (Server Unavailable) Report privilege will be able to
view Service Password Change Failed (Server Unavailable) Report.
Process to view Service Password Change Failed (Server Unavailable) Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Change Failed (Server Unavailable) Report link.
It displays the following screen.
5. Select the filter i.e. LOB, Service Group or Service Type drop down list. Select or enter date in Date From
and Date To field.
6. Click View Report button. It displays details of all the services whose password change has failed due to
server downtime.
245
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.5 Service Password Changed Status Report
Service Password Changed Status Report displays details of all the services whose password have been
successfully changed since the service was created. It displays the IP address of the service, host name of the
service, the domain name, the user name of the service, the DB instance name for the user who is assigned the
database server, the type of service assigned, the name of the Administrator who last changed the password,
the date & time of password change, type of password change process, the number of times the password is
changed from inspection of service, and the current status of the password change.
246
Client Manager Guide | Version 4.8.5.0_U3
 User having Service Password Changed Status Report privilege will be able to view Service Password
Changed Status Report.
Process to view Service Password Changed Status Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Changed Status Report link.
It displays the following screen.
5. Select LOB, Service Group or Service Type from the drop down list and click View Report button.
6. It displays details of all the services whose password have been successfully changed since the service
was created.
247
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.6 Service Password Changed Success or Failed Report
Service Password Changed Success/Failed Report displays password change status for the services. It displays
details such as the type of service assigned, the host name, service IP address of the service, user name, domain
name, and date & time when the service was created.
 User having Service Password Changed Success-Failed Report privilege will be able to view Service
Password Changed Success/Failed Report.
Process to view Service Password Changed Success/Failed Report:
1. Click the Reports menu.
248
Client Manager Guide | Version 4.8.5.0_U3
2. From the left navigation menu, click Vault Reports option.
3. Click Service Password Changed Success/Failed Report link.
4. It displays the following screen.
5. Select or enter Date From and Date To. Enter Service/Server IP or select Service Type from the drop
down list.
6. Click View Report button. It displays status of the services whose passwords are changed.
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
249
Client Manager Guide | Version 4.8.5.0_U3
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.11.7 Service Password Check Out Report
Service Password Check Out Report displays the details of the Users requested to view the service password
for a desired number of hours. It displays details such as the IP address of the service, host name of the service,
the name of the user, the DB instance name for the user who is assigned the database server, the type of service
assigned, the name of the person who requested to view the password, short description or reason requested
to view the password, the number of hours the password view is open for the requested user, the date & time
until when the password view is open and the name of the Administrator who authenticates service password.
 User having Service Password Check Out Report privilege will be able to view Service Password
Check Out Report.
Process to view Service Password Check Out Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Check Out Report link.
It displays the following screen.
5. Select the LOB from the drop down list or select/enter the date in Date From and Date To field for which
you want to view the service password check out details.
6. Click View Report button. It displays the graphical and grid view details of the Users requested to view
the service password for a desired number of hours.
250
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
251
Client Manager Guide | Version 4.8.5.0_U3
9.11.8 Service Password Envelope Print Status Report
Service Password Envelope Print Status Report displays print status details of all the services for which the
password envelope has been generated. It displays the details such as the LOB, Service IP, Service Host, Service
User Name, Domain, Instance, Service Port, Service Type, Start Date, started by user and Printing status.
 User having Service Password Envelope Print Status Report privilege will be able to view Service
Password Envelope Print Status Report.
Process to view Service Password Envelope Print Status Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Envelope Print Status Report option.
It displays the following screen.
5. Select/enter the date in Date From field from which you want to view the password envelope print
status details.
6. Click View Report. It displays print status details of all the services for which the password envelope has
been generated.
252
Client Manager Guide | Version 4.8.5.0_U3
7. It displays the details such as the LOB, Service IP, Service Host, Service User Name, Domain, Instance,
Service Port, Service Type, Start Date, Started By User and Printing Status.
8. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.11.9 Service Password Expires in 5 Days Report
Service Password Expires in 5 Days Report displays details of those services whose passwords will be expired in
5 days. It displays details such as IP Address of service, hostname, username, DB instance name, type of service,
minimum and maximum password age.
 User having Service Password Expires In 5 Days Report privilege will be able to view Service
Password Expires In 5 Days Report.
Process to view Service Password Expires in 5 Days Report:
253
Client Manager Guide | Version 4.8.5.0_U3
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Expires in 5 Days Report link.
It displays the following screen.
5. Select LOB, Service Group or Service Type from drop down list and click on View Report button.
6. It displays the graphical and grid view detail of service passwords which expire in 5 days.
254
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.10 Service Password Manually Changed Report
Service Password Manually Changed Report displays details of all the services whose password are changed
manually. It displays the IP address of the service, host name of the service, the name of the user, if the user is
assigned the database server the DB instance, the type of service assigned, the Administrator who changed the
password manually, the date & time when the password was changed and the current status of the service
password change.
255
Client Manager Guide | Version 4.8.5.0_U3
 User having Service Password Manually Changed Report privilege will be able to view Service
Password Manually Changed Report.
Process to view Service Password Manually Changed Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Manually Changed Report link.
It displays the following screen.
5. Select LOB from the drop down list or select/enter date in Date From and Date To field or enter Service/
Server IP.
6. Click View Report button. It displays the graphical and grid view details of all the services whose
passwords have been changed manually.
256
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.11 Service Password Never Changed Report
Service Password Never Changed Report displays details of all the services whose passwords are never
changed both manually or through password change process. It displays details such as the IP address of the
service, host name of the service, name of the Administrator, DB instance name, the name of service, and group
name of service.
 User having Service Password Never Changed Report privilege will be able to view Service Password
Never Changed Report.
257
Client Manager Guide | Version 4.8.5.0_U3
Process to view Service Password Never Changed Report:
1.
2.
3.
4.
Click the Reports menu.
From the left navigation menu, click Vault Reports option.
Click Service Password Never Changed Report link.
It displays the following screen.
5. Select LOB, Service Group or Service Type from the drop down list.
6. Click View Report button. It displays graphical and grid view details of all the services whose passwords
were never changed both manually or through password change process.
258
Client Manager Guide | Version 4.8.5.0_U3
7. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
8. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
9. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.12 Service Password Security Status
Service Password Security Status report displays details of all the services whose password are in open or
closed state. In addition, it displays a graphical representation of the total count of services whose passwords
are in are in open and closed state. It displays details such as username of the service, IP address of the service,
hostname of the service, service instance, domain name of the service, and type of service.
259
Client Manager Guide | Version 4.8.5.0_U3
 User having Service Password Security Status privilege will be able to view Service Password
Security Status.
Process to view Service Password Security Status:
1. Click the Reports menu.
2. From the left navigation menu, click Vault Reports option.
3. Click Service Password Security Status link. It displays the following screen.
4. Select LOB and Service Group from the drop down list.
5. Click View Report. It displays details of all the services whose passwords are in open or closed state. In
addition, it displays a graphical representation of the total count of services whose passwords are in
open and closed state.
260
Client Manager Guide | Version 4.8.5.0_U3
6. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
7. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
8. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.13 Service Password Vaulting Summary Report
Password Vaulting Summary report displays the LOB wise summary of all the services whose password have
been changed. It displays details such as LOB name, LOB Description, Total No. of Services, Number of Services
Vaulted and Number of Services pending for Vaulting.
 User having Service Password Vaulting Summary Report privilege will be able to view Service
Password Vaulting Summary Report.
261
Client Manager Guide | Version 4.8.5.0_U3
Process to view Password Vaulting Summary Report:
1. Click the Reports menu.
2. From the left navigation menu, click Vault Reports option.
3. Click Password Vaulting Summary Report link. It displays the following screen.
4. Click View Report button. It displays the LOB wise summary of Password vaulting such as total number
of services, total number of services vaulted, and number of services pending for vaulting.
262
Client Manager Guide | Version 4.8.5.0_U3
5. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
6. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
7. To pin the report to Dashboard, click
icon.
 For downloading reports, refer Exported Reports section.
9.11.14 SPC not Configured Report
SPC not Configured Report displays details of services for whom SPC has not been configured. It displays
details such as IP address of service, host name of service, user name of service, DB instance, type of service,
description 1,description 2, description 3, and service group name.
 User having SPC not Configured Report privilege will be able to view SPC not Configured Report.
Process to view SPC not Configured Report:
1. Click the Reports menu.
2. From the left navigation menu, click Vault Reports option.
3. Click SPC not Configured Report link.
263
Client Manager Guide | Version 4.8.5.0_U3
4. It displays the following screen.
5. Select LOB, Service Group or Service Type from the drop down list.
6. Click View Report button. It displays details of services for whom SPC has not been configured.
264
Client Manager Guide | Version 4.8.5.0_U3
7. Click
icon, to view those columns which are not displayed because of screen size of the User.
8. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
9.11.15 SPC Success and Failed Report
SPC Success and Failed Report displays details of service password change through SPC service. It displays
details such as IP address of service, host name of service, domain name of service, user name of service, DB
265
Client Manager Guide | Version 4.8.5.0_U3
instance, type of service, last password changed by, date and time when password was last changed, password
change status.
 User having SPC Success and Failed Report privilege will be able to view SPC Success and Failed
Report.
Process to view SPC Success and Failed Report:
1. Click the Reports menu.
2. From the left navigation menu, click Vault Reports option.
3. Click SPC Success and Failed Report link.
4. It displays the following screen.
266
Client Manager Guide | Version 4.8.5.0_U3
5. Select LOB, Service Group or Service Type from the drop down list. Select Date From and Date To to
view details between selected dates.
6. Click View Report button. It displays details of service password change status through SPC service.
267
Client Manager Guide | Version 4.8.5.0_U3
7. Click
icon, to view those columns which are not displayed because of screen size of the User.
8. Select the number of entries from Show entries drop down list, to display only those numbers of records
in the grid.
9. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10. To pin the report to Dashboard, click

icon.
The file naming convention for exported report will be Report name_LOB name.
For downloading reports, refer Exported Reports section.
268
Client Manager Guide | Version 4.8.5.0_U3
10 Dashboard
Dashboard section provides several useful graphical information about the various actions performed in
ARCON PAM. It also displays the pinned reports.
 Users having Dashboard privilege will only be able to view Dashboard menu in Client Manager.
Process to pin the reports on the dashboard:
1. Select the report from the Report section.
2. In the above figure, Group Admin Privilege Report is selected.
3. Click on
icon to pin the report. It opens a below pop up window.
4. Click Close.
 The maximum limit to pin reports in Dashboard menu is six. You need to remove the pinned
report viewed in Dashboard menu, if you want to pin any new report exceeding the limit.
5. Select Dashboard from menu bar.
6. It opens the Dashboard screen.
7. Dashboard screen displays the pinned report.
269
Client Manager Guide | Version 4.8.5.0_U3
8. Click Remove From Dashboard to remove pinned report.
9. A pop up window is displayed.
10. Click Delete to delete pinned report.
Below are the few useful information provided under Dashboard Section.
270
Client Manager Guide | Version 4.8.5.0_U3
•
•
•
•
Users Currently Logged On
Services Currently Being Accessed
Critical Commands Fired
Open Passwords
 The More Info link present below the selected widget provides additional information about
the widget.
10.1 Users Currently Logged On
Users Currently Logged On widget provides real time details of a User accessing number of services. It displays
details such as name of User, display name of User and number of sessions accessed by that user at that
particular time.
Process to view details of User Currently Logged On widget:
1. Click on the Dashboard menu.
2. Click on More Info link present below the Users Currently Being Accessed widget. It displays the
following screen.
271
Client Manager Guide | Version 4.8.5.0_U3
3. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
4. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10.2 Services Currently Being Accessed
Services Currently Being Accessed widget provides real time details of Services currently being accessed. It
displays details such as Server IP Address, User ID details, display name of User, type of Service accessed, user
name of service and machine details from where service is being accessed.
Process to view details of Services Currently Being Accessed widget:
1. Click on the Dashboard menu.
2. Click on More Info link present below the Services Currently Being Accessed widget. It displays the
following screen.
272
Client Manager Guide | Version 4.8.5.0_U3
 The details displayed in grid view are based on value configured in Service ID for Dashboard
Widget configuration in Global Configuration.
Based on following two scenarios list of services is displayed in Services Currently Being
Accessed widget:
If you configure value as service username in Service ID for Dashboard
Widget configuration, then details of services accessed from Client Manager with
configured username will be displayed.
If you do not configure any value in this configuration, then details of all services
accessed from Client Manager will be displayed.
3. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
4. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
10.3 Critical Commands Fired
Critical Commands Fired widget provides details of critical commands fired on Server. It displays details such
as the command fired, the response of command fired, date and time details, type of Service, name of the User
who fired the command, ID of User and Server IP on which command was fired.
Process to view details of Critical Commands Fired widget:
1. Click on the Dashboard menu.
273
Client Manager Guide | Version 4.8.5.0_U3
2. Click on More Info link present below the Critical Commands Fired widget. It displays the following
screen.
3. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
4. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
274
Client Manager Guide | Version 4.8.5.0_U3
10.4 Open Passwords
Open Passwords widget provides details of Server password which are viewed by User and pending to be
changed. It displays details such as Server IP whose password is open, user name of Service, type of Service,
date and time details till when the password will be open.
Process to view details of Open Passwords widget:
1. Click on the Dashboard menu.
2. Click on More Info link present below the Open Passwords widget. It displays the following screen.
3. Select the number of entries from the Show entries drop down list, to display only those many records in
the grid.
4. To search for a particular record, enter the required search filter in the Search text field, on the right
hand side of the screen.
275
Client Manager Guide | Version 4.8.5.0_U3
11 About
About section provides detail about ARCON PAM Client Manager, which includes Version, its Release Date
and server description.
 You can configure server description in ARCON PAM Server Configuration (Server Manager > Tools >
Advanced Configuration > Default Configuration > ARCON PAM Server Configuration). These details
are displayed in About screen. Eg.: UAT
276
Client Manager Guide | Version 4.8.5.0_U3
12 Manage Service
This section will allow users to manually change the password of the selected service.
Process to change password
1. Click Manager tab.
2. Click Manage Service icon from the navigation menu.
0
0
3. Click Change Password Manually option.
0
0
4. Select the LOB, Server Group, Service Type, and click Submit
0
277
Client Manager Guide | Version 4.8.5.0_U3
0
5. Click this icon
to manually change the password of the particular service.
6. Change Password Manually Window will be displayed, enter the new password in the fields provided
and click change password.
0
0
278
Client Manager Guide | Version 4.8.5.0_U3
7. Password Updated Successfully message will be displayed on screen as follows.
0
279
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by
any means such as electronic, mechanical, photocopying, recording, or otherwise without permission.
Related documents
Table Top/Floor Display Request Marketing and Communications
Table Top/Floor Display Request Marketing and Communications
Download
advertisement