Xton Access Manager Product Update 2.3.202102081004
Today we released new update to the Xton Privileged Access Manager software. This update adds the option to display password expiration warning message for Active Directory users, added the option to use Virtual TOTP and Virtual SMS access field on any record for quick access to MFA code.
Added the option to display password expiration warning message for Active Directory users
The update added the option to display password expiration warning message for Active Directory users based on GPO configuration in AD. The warning prompts users that their password in Active Directory will soon expire and suggests to change the password using Management / My Profile screen. The warning helps administrators to facilitate self-service password management for the system users.
Enable global parameter Password Expiration Warning to enable this option which is disabled by default.
Added the option to add Virtual TOTP and Virtual SMS access field to any record
The update added the option to add Virtual TOTP and Virtual SMS access field to any record for quick access to MFA code. Adding quick access to MFA code is most useful for WEB Portal records to provide all authentication factors needed to login to the WEB Portal under management whether using Browser Filler Extension or HTTP Proxy.
To enable record scoped Virtual MFA option, add TOTP or SMS field to the record type and populate the field value with the TOTP secret key or phone number in the integrated Twilio phone system. After record is configured, the system will display Execute button for the Virtual MFA field on the Record View and Record Quick View screens. When clicked, the action will generate time based or access SMS for the MFA code. Note that record owners have the option to configure access request requirements for the users to access Execute action.
Virtual TOTP is an MFA option generating temporary second-factor code based on the secret key and the time synchronized with WEB Portal.
Virtual SMS is an MFA option based on the SMS message sent by the destination WEB Portal. Virtual SMS field requires customer to have Twilio account. The option is based on integration with Twilio service using the virtual phone number provided by Twilio stored on XTAM record. To integrate with Twilio, use the following system properties substituting TWILIO-USER and TWILIO-PASSWORD parameters with the one provided by Twilio service:
xtam.integration.sms.user=TWILIO-USER
xtam.integration.sms.password=TWILIO-PASSWORD
xtam.integration.sms.url=https://api.twilio.com/2010-04-01/Accounts/{xtam.integration.sms.user}/Messages.json
xtam.integration.sms.script=Twilio Integration
Added the option to display ENTER key in the session events report
The update added the option to display ENTER key pressed in the text rendering of key sequence event in the session events report. By default, ENTER key is not displayed in the exported reports. The update adds the option to display the character in place of ENTER key pressed by a user.
To enable this option add the following parameter to the properties file: xtam.session.key.enter=182 . Note that 182 is the configurable ASCII code of the character printed in place of ENTER key.
Added REST API function to update one record field
The update added the option REST API function to update one record field instead of all fields in one call to simplify integration with other systems. The curl example below in Unix shell notation illustrates the new function use with $apitoken as a XSRF TOKEN, FIELD-VALUE for new field value, $base is the system URL (such as https://xtam.company.com/xtam), $recordID is the ID of the record and $fieldName is the field name (not the field display name) to update
curl -s $auth -H "Accept: application/json" -H "Content-Type: application/json" -H "X-XSRF-TOKEN: $apitoken" -X PUT --data "{\"string\":\"FIELD-VALUE\"}" $base/record/updateField/$recordID/$fieldName
https://www.xtontech.com/resources/xton-access-manager-release-notes/
- Workflows (Delegated Approval)
- Workflow Template Types
- Managing my User Profile
- Active Directory Integration
- REST API Shell Scripts API Tokens
- Automated Password Rotation for Multiple AD Servers
- Video Recording
- Personal Vault
- Getting Started Guide: Connecting to Sessions
- Using Email to Approve or Reject Requests
- XTAM Gateway
- XTAM REST API Documentation
- XTAM Password Vault Free Trial Download
- Xton Access Manager User Manual
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
- Best Practices Guide provides insights into both Concepts and Design elements for users looking to build out their PAM deployment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 2+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Download Today!
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.
The Featured image for this article is Calendar vector created by stories – www.freepik.com
Sign vector created by stories – www.freepik.com
