File Management Using PAM360

13 minutes to read

PAM360 supports secure file transfer between a user’s device and a remotely connected resource using the Secure File Transfer Protocol (SFTP). Users can upload or download files between their system and a remote resource in PAM360. In addition to that, users can establish direct SFTP connections between two remote resources added in PAM360 and perform bidirectional file transfer. During the transfer process, PAM360 establishes a secure and encrypted connection to the remote resources and lists all accessible directories, allowing users to transfer files without launching a separate remote session. This ensures authenticated connections and secure transfer of large files. PAM360 also allows users to delete files and folders within the remote directory during an SFTP session.

Notes:

  1. Starting from build 7500, the maximum file transfer limit via SFTP is set at 2 GB by default. Administrators can adjust this limit within the general settings, increasing it up to 10 GB or reducing it to 50 MB, depending on operational needs. However, for optimal performance, it is recommended to maintain the transfer limit at 2 GB or lower.
  2. For builds released prior to 7500, the maximum data transfer limit through SFTP is 6 GB.

Besides SFTP, PAM360 allows file copying to remote systems during interactive remote sessions via the Secure Copy Protocol (SCP), enabling users to upload files to remote devices. The maximum file upload limit through SCP is 5 GB.

Notes:

  1. The file transfer option will be disabled for the accounts configured with SSH command control.
  2. The following characters are not allowed in the name of the file that is going to be transferred: angle brackets (<>), colon (:), quotation marks ("), slash (/), backslash (\), pipe (|), question mark (?), asterisk (*), and apostrophe (').
  3. You can modify the file transfer limit range from 50 MB to 10240 MB in the Allow a maximum data of 2048 MB per transfer in SFTP session option available in General Settings of the PAM360 application.
  4. The file transfer speed during an SFTP session is entirely dependent on network connectivity.

At the end of this document, you will have learned about the following file management operations via PAM360:

  1. Uploading Files to Remote Machines
  2. Downloading Files from Remote Machines
  3. Bidirectional File Transfer
  4. Deleting Files or Folders on Remote Machines

Prerequisite:

For a successful file transfer, it is mandatory to install the Secure File Transfer Protocol (SFTP) server in all the target remote systems that will be involved in file transfer functions.

1. Uploading Files to Remote Machines

You can upload files in two ways; to a directory on the remote machine and to a particular account.

1.1 Uploading Files to Remote Machine Directory

Follow the below steps to upload files to a directory on the remote machine from your local or domain account:

  1. Navigate to the Connections tab and click the name of a resource from the left pane. Now, the display area on the right will display all the accounts that belong to the selected resource.
  2. Hover your mouse over the thumbnail of an account and click the Secure File Transfer icon.
  3. The Secure File Transfer dialog box will appear, where PAM360 will authenticate the connection and all the directories available on the machine in the remote directory section. To select a directory, simply click on its name.
  4. Click Browse to select a file from your local computer for upload.
  5. Now, choose the destination directory where the file should be uploaded and click Upload to proceed.

1.2 Uploading Files to Account

Alternatively, to upload a file to a particular account, follow the below steps:

  1. Navigate to the Resources tab and click the name of the respective resource to view the account details.
  2. Beside the respective account, click the Open Connection icon and select SFTP from the dropdown.
  3. The Secure File Transfer dialog box will appear, where PAM360 will authenticate the connection and display all the directories available on the machine in the remote directory section.
  4. Click Browse to select a file from your local computer for upload.
  5. Now, choose the destination directory where the file should be uploaded and click Upload to proceed.

You will get a confirmation message once the file is uploaded successfully. In case of an upload failure, navigate to Audit >> Resource Audit for more details.

2. Downloading Files from Remote Machines

You can download files in two ways; from a directory on the remote machine and from a particular account.

2.1 Downloading Files from Remote Machine Directory

Follow the below steps to download files from a directory on a remote machine to your local or domain account:

  1. Navigate to the Connections tab and click the name of a resource from the left pane. Now, the display area on the right will display all the accounts that belong to the selected resource.
  2. Hover your mouse over the thumbnail of an account and click Secure File Transfer.
  3. The Secure File Transfer dialog box will appear, where PAM360 will authenticate the connection and all the directories available on the machine in the remote directory section.
  4. Choose the required files in the remote directory and click Download to download the selected items to your local computer.

2.2 Downloading Files from Account

Alternatively, to download files from a particular account, follow the below steps:

  1. Navigate to the Resources tab and click the name of the respective resource. The Account Details dialog box will appear.
  2. Beside the respective account, click the Open Connection icon and click SFTP from the dropdown.
  3. The Secure File Transfer dialog box will appear, where PAM360 will authenticate the connection and display all the available directories on the machine in the remote directory section.
  4. Choose the files from the remote directory and click Download to download the selected items to your local computer.

You will get a confirmation message once the file downloaded successfully. In case of a download failure, navigate to Audit >> Resource Audit for more details.

3. Bidirectional File Transfer

PAM360 web interface supports the bidirectional transfer of files between folders located on separate remote machines using the Secure File Transfer Protocol (SFTP). Follow the steps below to initiate a file transfer.

  1. Navigate to the Connections tab and click Secure File Transfer on the left pane.
  2. In the two available sections, select the appropriate remote machines for bidirectional transfers. Use the drop-down menu to choose the Resource Name and Account Name as needed.
  3. Click the Connect dropdown and choose either Local Account or Domain Account.
  4. If you select the Domain Account option, you will see a pop-up box - Auto logon using other domain accounts with the Use domain account radio button enabled.

  5. Select your domain account credentials using the Resource Name and Account Name dropdowns. Then, click Connect to establish a direct SFTP connection using the selected credentials.
  6. If you have logged into PAM360 using the AD/Microsoft Entra ID/LDAP authentication, you will have the option to use your logged-in account credentials to connect to the remote machine.
  7. Enter your logged-in account password in the required field and click Connect.

    8. Note: If you have an active ticketing system integration in PAM360, provide a valid ticket ID for the SFTP session.

  8. PAM360 will now authenticate the connection, and you will see all the folders in both systems under their respective sections.
  9. Choose the required file from either of the columns and click the relevant arrow icon in the middle to initiate data transfer between the selected paths. Similarly, choose the file or folder you want to delete individually from the remote directories and click the Delete icon to remove the item from the remote directory.

Once the file transfer is complete, you will see that file in the destination directory you selected previously. In case of transfer failure, navigate to Audit >> Resource Audit for more details.

Notes:

  1. To perform file transfer on a resource for which Password Access Control is enabled, you need to send a password request. Once the resource owner approves your request, PAM360 will allow you to perform file transfers on that resource for the duration of your access.
  2. Secure File Transfer works only for users with the Secure File Transfer Operations permission in their user role. The two types of default user roles that have the File Transfer permission are:
    1. Admin roles (Administrators, Privileged Administrators, and Password Administrators)
    2. Connection User role
  3. The Secure File Transfer function works only on two conditions:
    1. File transfer must be performed on resources that run on operating systems supported by PAM360. The operating system types supported by PAM360 are: Windows, Windows Domain, Linux, Mac, Solaris, HP UNIX, IBM AIX, HPUX, and JunOS.
    2. The target resources must have the Secure File Transfer Protocol (SFTP) installed.

4. Deleting Files or Folders on Remote Machines
(Applicable from build 7500 and above only)

You can delete files or folders in two ways; from a directory on the remote machine and from a particular account.

Note: It is recommended not to delete the default system folders and virtual directories on the remote machines.

4.1 Deleting Files from Remote Machine Directory

Follow the below steps to delete files or folders from a directory on a remote machine via SFTP session:

  1. Navigate to the Connections tab and click the name of a resource from the left pane. Now, the display area on the right will display all the accounts that belong to the selected resource.
  2. Hover your mouse over the thumbnail of an account and click Secure File Transfer.
  3. The Secure File Transfer dialog box will appear, where PAM360 will authenticate the connection and display all the available directories on the machine in the remote directory section.
  4. You can either choose files individually or bulk from the remote directory. However, you can select folders individually for the deletion. Click Delete.
  5. In the dialog box that appears, confirm your action to delete the selected items from the remote directory.

4.2 Deleting Files from Account

Refer to the steps below to delete files or folders from an account via SFTP session.

  1. Navigate to the Resources tab and click the name of the respective resource. The Account Details dialog box appears.
  2. Beside the respective account, click the Open Connection icon and click SFTP from the dropdown.
  3. The Secure File Transfer window will appear, where PAM360 will authenticate the connection and display all the available directories on the machine in the remote directory section.
  4. You can either choose files individually or bulk from the remote directory. However, you can select folders individually for the deletion.
  5. Click Delete and confirm your action in the dialog box that appears to delete the selected items.
Top
Back to Top