An auditor initiates a live monitoring session to PSM server to view an ongoing live session. When the auditor's machine makes an RDP connection the PSM server, which user will be used?
An auditor initiates a live monitoring session to PSM server to view an ongoing live session. When the auditor's machine makes an RDP connection the PSM server, which user will be used?
When an auditor initiates a live monitoring session to a PSM server to view an ongoing live session, the connection uses a specific user account designated for this purpose. This user is typically 'Shadowuser,' which is explicitly designed for shadowing or monitoring sessions in a secure manner. Options like 'PSMAdminConnect' or 'PSMConnect' are intended for administrative and regular PSM connections, respectively, and 'Credentials stored in the Vault for the target machine' pertains to accessing target systems rather than monitoring sessions.
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/Optional-Moving-the-PSMConnec-and-PSMAdminConnect-users-to-your-Domain.htm#ConfiguretheRemoteDesktopSessiononthePSM