A user with the admin role can use the following example as a template for creating a basic Password policy, a Secret template for saving credentials in a Secret, a Launcher, a Secret and finally a Connection for launching a remote desktop with the credentials from the Secret.

The example assumes that a remote desktop already exists and that login credentials for it are available. These credentials will be stored as part of the Secret creation (see point 5).


Configuration process:

  1. Create Password policy
  2. Create Launcher (RDP agent)
  3. Create Secret template
  4. Map the Launcher to the Secret template
  5. Create Secret
  6. Create Connection 


1. Create password policy

  1. Click on the tab Password policies in the ANT PAM settings section.
  2. The list of existing Password policies will be displayed.
     • Note: only objects where the user has relevant permissions are displayed.
  3. Press the CREATE button.
  4. The modal window with the details of the Password policy will be displayed.
  5. Enter the Name (and the Description if needed).
  6. Set Character set = CUSTOM so that a minimal length can be defined for each desired subset.
  7. Set Min length = 12 and Max length = 16.
  8. Choose Lower case, Upper case, Numbers and Symbols as subsets and set Min length = 1.
     Note: the password must contain at least one character from each subset, and the overall length of the password must be at least 12 and at most 16 characters.
  9. Press the CREATE button. The Password policy will be created and shown in the list of password policies.




2. Create Launcher type Agent RDP

  1. Click on the tab Launchers in the ANT PAM settings section.
  2. The list of existing Launchers will be displayed.
     • Note: only objects where the user has relevant permissions are displayed.
  3. Press the CREATE button.
  4. Insert the Name and Description of the launcher, select the type Agent RDP and press the SAVE button.
  5. The Launcher is created and displayed in the list of Launchers.




3. Create Secret template

  1. Click on the tab Secret templates in the ANT PAM settings section.
  2. The list of existing Secret templates will be displayed.
     • Note: only objects where the user has relevant permissions are displayed.
  3. Press the CREATE button.
  4. The modal window with the details of the Secret template will be displayed.
  5. Fill in the name and, optionally, the description, and press the CREATE button.
  6. The Secret template is created; the next step is to create the Secret template fields.
  7. Go to the Fields tab and press the CREATE NEW FIELD button.
  8. The modal window with the details of Secret template Field will be displayed (press
  9. Create the first field by entering:

     Field Username:

       • Name = Username
       • Format = Text
       • Required = true
       • Keep all history = true
       • Editing requirements = User

     Note: the first field is Username. It uses the plain Text format, it is mandatory, and the full history of its changes in the Secret should be kept. The field will be edited by a user with the relevant permissions.
  10. Press the CREATE button. The field will be saved and displayed in the list of fields.
  11. Now define the other fields: press the button [ ] and fill in the form:

     Field Password:

       • Name = Password
       • Format = Password
       • Password policy = Example password policy
       • Validate password on edit = true
       • Required = true
       • Keep all history = true
       • Editing requirements = User

     Note: this field will be used to store the password. Password policy is a mandatory setting for every field in Password format, so the new password policy is selected. Validation is set to take place on edit because the basic assumption is that a username and password already exist for the RDP and do not necessarily meet the conditions set by the new password policy. Each time the password is changed afterwards, it will be validated against the password policy. This field is also required and all history should be stored.
  12. Press the CREATE button. The field will be saved and displayed in the list of fields.
  13. Now create the last field and save it:

     Field Domain:

       • Name = Domain
       • Format = Text

     Note: parameters that are not mentioned can be left unchanged.
  14. All fields are now ready to be used in the Secret creation.




4. Create Launcher mapping

  1. Go to the Launcher mapping tab in the drawer and press the ADD NEW LAUNCHER MAPPING button (or the create button).
  2. The modal window with the mapping details will be displayed.

Select Launcher Example RDP Launcher.

The list of Launcher variables is displayed, together with the select boxes for choosing the Secret template fields to map.

Set for:

  • launcher variable Hostname: set the [ Define later ] option
  • launcher variable Domain: binding to field Domain
  • launcher variable Username: binding to field Username
  • launcher variable Password: binding to field Password
  • launcher variable Port: set the [ Default value ] option

Press the ADD button to save the mapping.




5. Create Secret

  1. Go to the tab Secrets to display the Secrets section.
  2. Choose the folder where the new Secret should be created and placed, and press the CREATE button on the right side of the page.
  3. The modal window for the Secret creation will be displayed.
  4. Fill in the Name of the new secret and, optionally, the Description.
  5. Choose the secret template Example Secret template and fill in the secret template fields:
     • Domain: domain
     • Username: username
     • Password: password
       • According to the configuration of the Password field in the secret template, the first password is not evaluated for strength against the password policy. For each subsequent password, the password generator, which is based on the linked password policy, can be used.
  6. Set permissions as inherited.
  7. Press the CREATE button to save the new secret.
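
The password policy from section 1 and the Validate password on edit behaviour of the Password field, as an added Python example (not ANT PAM code): a validator and generator for the 12 to 16 character, four-subset policy, and a `store_password` model that accepts the first value unvalidated and checks every later change. The symbol set, the function names and the in-memory secret dictionary are assumptions made for illustration.

```python
import secrets
import string

# Policy values from the walkthrough: overall length 12-16 and at least one
# character from each of the four subsets (Min length = 1 per subset).
MIN_LEN, MAX_LEN = 12, 16
SUBSET_MIN = 1
SUBSETS = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "numbers": string.digits,
    "symbols": "!@#$%^&*()-_=+",  # assumption: the page does not list the symbols
}


def violations(password):
    """Return the policy rules the password breaks (empty list = compliant)."""
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append(f"length {len(password)} outside {MIN_LEN}-{MAX_LEN}")
    for name, chars in SUBSETS.items():
        if sum(c in chars for c in password) < SUBSET_MIN:
            problems.append(f"fewer than {SUBSET_MIN} character(s) from {name}")
    return problems


def generate(length=MAX_LEN):
    """Generate a policy-compliant password with the OS CSPRNG."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("length outside policy bounds")
    rng = secrets.SystemRandom()
    # Satisfy every subset minimum first, then fill from the union of subsets.
    chars = [rng.choice(s) for s in SUBSETS.values() for _ in range(SUBSET_MIN)]
    allowed = "".join(SUBSETS.values())
    chars += [rng.choice(allowed) for _ in range(length - len(chars))]
    rng.shuffle(chars)  # remove the predictable subset order at the front
    return "".join(chars)


def store_password(secret, new_password):
    """Hypothetical model of 'Validate password on edit' with 'Keep all history':
    the initial value is accepted as-is, every later change must pass the policy."""
    problems = violations(new_password)
    if secret.get("history") and problems:
        raise ValueError("; ".join(problems))
    secret.setdefault("history", []).append(new_password)
    return secret
```
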




6. Create Connection

  1. Go to the tab Connections to display the connections section.
  2. Choose the folder where the new Connection should be created and placed, and press the CREATE button on the right side of the page.
  3. Insert the Name of the new secret and, optionally, the Description.
  4. Select Launcher Example RDP launcher.
  5. Select Secret template Example Secret template.
  6. Select Secret Example Secret.
  7. Set the value for the Hostname launcher variable as:
     • Ask later: creates a universal connection for all hostnames where the same credentials work. The hostname value will be requested by the launcher when the connection is launched.
     • Define value: creates a specific connection for one specific remote desktop with a specific Hostname.
  8. Set permissions as inherited.
  9. Press the CREATE button to save the new connection.