Enterprise Administration Guide › Implementing Privileged Accounts › PUPM Endpoint and Privileged Account Creation › Create a Login Application

Create a Login Application

A login application uses a script to execute an application on the endpoint that automatically logs you in to a privileged account after you check out the privileged account password. Login applications let you configure PUPM automatic login.

You can create the following types of login applications. Each type of login application is a Visual Basic script:

• ORACLE_10G_WEB.vbs—Lets you automatically log in to the Enterprise Manager web interface of an Oracle 10g database.
• ORACLE_10XE_WEB.vbs—Lets you automatically log in to the Database Home Page web interface of an Oracle XE database.
• ORACLE_11G_WEB.vbs—Lets you automatically log in to the Enterprise Manager web interface of an Oracle 11g database.
• PUTTY.vbs—Lets you automatically log in to an SSH Device endpoint.

  Note: You must install PuTTY Release 0.60 on your computer to use a PuTTY login application.

• RDP.vbs—Lets you automatically log in to a Windows endpoint.

When you use automatic login to check out a privileged account password on a Windows Agentless endpoint, CA Access Control Enterprise Management propend the host domain to the name of the privileged account. Before you create a login application for a Windows Agentless endpoint, verify the following:

• If the endpoint is part of a workgroup, verify that the computer name is specified in the Host Domain field.
• If the endpoint is part of a domain, verify that the domain name is specified in the Host Domain field.

  Note: You can use the Modify Endpoint task to modify the Host Domain field.

By default, you must have the System Manager role to create a login application. You can use login applications only in Microsoft Internet Explorer browsers.

To create a login application

1. In CA Access Control Enterprise Management, click Privileged Accounts, Login Application, Create Login Application task.

   The Create Login Application: Login Application Search screen appears.

2. (Optional) Select an existing login application to create the login application as a copy of it, as follows:
   1. Select Create a copy of an object of type Login Application.
   2. Select an attribute for the search, type in the filter value, and click Search.

      A list of login applicationa that match the filter criteria appears.

   3. Select the object you want to use as a basis for the new login application.
3. Click OK.

   The Create Login Application task page appears. If you created the login application from an existing object, the dialog fields are pre-populated with the values from the existing object.

4. Complete the following fields:

   Name

   Defines the name by which you want to refer to this login application.

   Description

   (Optional) Defines the information you want to record for this login application (free text).

   Script

   Defines the Visual Basic script to use to launch the login application.

   Note: We recommend that you do not customize these supplied scripts.

   Enable

   Specifies that this login application is enabled.

   Click Submit.

   CA Access Control Enterprise Management creates the login application. Before a user can use a login application, you must modify your endpoints in CA Access Control Enterprise Management to use the login application. You need to perform additional configuration steps on the endpoints to use terminal integration, and to use login applications on Windows Server 2008 endpoints.

More information:

Configure Terminal Integration

Modify Windows Server 2008 Endpoints to Use a Login Application