Network Device Connection Information

Enterprise Administration Guide › Implementing Shared Accounts › SAM Endpoint and Shared Account Creation › Create an Endpoint › Network Device Connection Information

Network Device Connection Information

The network device endpoint type lets you manage privileged account passwords on network devices.

Note: Currently, you can configure the endpoint type to work with a Cisco 2600 network device only.

When you create devices of this type, provide the following information so that CA ControlMinder Enterprise Management can connect to the device:

User Authentication

Specifies the user authentication mode on login:

Anonymous—No username or password is required to log in.
Password Only—A password is required to log in.
Username and Password—Username and password are required to log in.

Enable Mode Authentication

Specifies the authentication mode to set the device to enable mode:

Anonymous—No username or password is required to log in.
Password Only—A password is required to log in.
Username and password—Username and password are required to log in.

Note: In Anonymous authentication modes, the following fields are disabled: Username, Password, and Enable Mode Username.

User Login

Defines the name of an administrative user of the endpoint. SAM uses this account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords.

Note the following points:

If you specify the Advanced option, SAM does not use the User Login account to perform administrative tasks. Instead, SAM uses the specified privileged account to perform administrative tasks on the endpoint.

Password

Defines the password of the administrative user of the endpoint.

Enable Login

Defines the name of an administrative user with privileges to set the device to enable mode. Enable mode lets you modify the network device settings.

Host

Defines the host name of the endpoint.

Port

Specifies the server listening port number.

Default: 23

Use Telnet

Specifies to use Telnet rather than SSH to connect to the SSH device.

Note: Use Telnet protocol only to connect to the Cisco 2600 network device.

Configuration File

Specifies the name of the SSH Device XML configuration file. You can customize the XML files to fit your needs.

Note: If you do not specify a value for this field, CA ControlMinder Enterprise Management uses the netdevice_connector_conf.xml file.

Advanced

Specifies whether you want to use a privileged administrative account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords. For example, you can specify a privileged domain account that can perform administrative tasks on multiple endpoints.

If you specify this option, SAM does not use the User Login account to perform administrative tasks.

Disable Exclusive Sessions

Specifies whether to disable the exclusive sessions check on this endpoint. When selected, SAM does not check for open sessions on the endpoint.

Deny Exclusive Break-Glass

Specifies to block break-glass check-out action on exclusive accounts.

More information:

Example: How an SSH Device XML File Defines SAM Commands