Imprivata Privileged Access Management Product Update 2.3.202103282220

March 28, 2021

This update added support for Smart Card (X.509) authentication, account management support for Solaris OS and VMWare ESXi devices, and regular expressions and exception processing options for Interactive SSH scripts.

Added support for Smart Card (X.509) authentication

The update adds support for Smart Card (X.509) authentication.

The option allows using of WEB access as well as WEB sessions for users authenticating to the system using smart cards or other forms of browser installed certificates.

Note that the option allows access for WEB browsing and WEB Sessions only.

The option is included in all new deployments.

Existing deployments have to update the Federated Sign-In module to the latest published version.

Added account management support for Solaris OS and VMWare ESXi devices

The update adds Password Reset Remote Solaris User script to reset passwords for non-root users on Solars OS using Unix Host record type.

The update also adds Password Reset Remote Solaris Root script to reset the password for the root user on Solaris OS using Unix Host with SU record type when the root access is restricted from the remote locations.

The update also adds a Password Reset Remote VMWare ESXi script to reset passwords on VMWare ESXi devices.

Added regular expressions, exception processing and switch user support for Interactive SSH scripts

The update adds the option to specify regular expressions in the expectation part of the Interactive SSH script element to support multiple possible conditions or complex parsing of the device prompt. Use \rREGEXP in place of the input element to make the script parse the input element as a regular expression.

The update also added the option for conditional termination of the Interactive SSH job execution sequence in response to specified errors in the remote device output.

Use the optional third element in the expected-input->output->error1,error2,error3 triplet to specify exit condition for the script execution.

The update also added the option for Interactive SSH strategy scripts to be executed by shadow accounts.