Integrating PAM360 with ManageEngine ServiceDesk Plus
The following topics are discussed in this document:
- Key Benefits
- Prerequisites
- Configuration Steps
- Viewing Configuration Details
- How Do Technicians Benefit from the Integration?
1. Key Benefits
ManageEngine PAM360 integrates with ManageEngine ServiceDesk Plus (SDP), a web-based Help Desk and Asset Management software. Organizations use helpdesk software such as the SDP to deliver customer service and manage their internal IT perfectly.
Technicians using SDP often need to access target machines (or resources) manually to resolve issues, which involves security-related challenges, such as sharing sensitive passwords for authentication, etc., especially while using the privileged accounts. They also had the pain of jumping between machines to perform different tasks. With this integration, accessing the remote systems from the ServiceDesk Plus portal is just a click away for the Technicians. Administrators can now provide the advantage of secure remote access to the target machines (or resources) only to the authorized Technicians, without sharing the credentials. The Technicians can remotely access the target endpoints (or resources) from the ServiceDesk Plus portal without having to log in to PAM360 each time to fetch the credentials.
2. Prerequisites
Before commencing the integration, verify if all of the below prerequisites are satisfied:
- All the configurations related to the PAM360-SDP integration can be done from the SDP portal. Hence, make sure you have access to an active SDP portal.
- The SDP Technician should also be a PAM360 user, with the same User Name in both the applications. Using Active directory integration will ensure that the same username is present in both the products.
- PAM360 should be accessible from the server on which SDP is running. To verify this, try launching your PAM360 web-client from the SDP server.
- The Authentication token (Auth Token) generated during the integration process is specific to your ServiceDesk Plus instance, and will be displayed only once. Hence, make sure you copy the Auth Token as you need to paste it in the required field in the PAM360 portal.
3. Configuration Steps
All the configurations related to the PAM360 - ServiceDesk Plus integration can be performed from the ServiceDesk Plus console only.
From ServiceDesk Plus build 13000 onwards, it is required to deploy the PAM360's SSL certificate in the SDP installation directory to complete the integration process. Follow these steps to complete the SSL certificate deployment process.
From the PAM360 console, you can view the configuration details and regenerate the AuthToken. Once you have finished configuring the integration, you will be able to access the accounts in target endpoints remotely (or resources) without having to enter the credentials.
- If the integration is not successful, first verify if the server is reachable. Then, follow the below steps:
- Navigate to the <PAM360_Installation_Folder>/logs directory and open the pam0 file.
- Search for remoteHost in api filter and try pinging the value/IP address corresponding to it.
- If the server is not reachable using the IP address, then determine the correct IP/DNS, using which you can ping the server from the PAM360 installation machine.
- If the problem persists, please contact PAM360 support.
- ServiceDesk Plus does not support launching remote sessions to resources for which Remote App-only access is enabled in PAM360.
Notes:
4. Viewing the Configuration Details
Once you are done with configuring the integration, you can view the configuration details from the PAM360 console. Navigate to Admin >> Integration >> ManageEngine. You will see the Integrations | ManageEngine page.
Note: Only the users with the "ManageEngine Integration" role will see the ManageEngine option under Integration.
In the Integrations | ManageEngine page, you will see the ServiceDesk Plus block that looks like any of the below images based on whether integration is enabled or disabled:
Buttons and Definitions:
Sl. No: Button Definition 1
Enable
You will see this option if the integration is disabled. Click this button and you will be notified with a message to set up the integration from the SDP portal.2
Edit
Click this button, and the ServiceDesk Plus Integration window pops up.3
Disable
You will see this option if the integration is enabled. Click this button to disable the integration.
From the ServiceDesk Plus Integration window, you will be able to do the following:
- View the configuration details that include:
- Auth Token: The available Auth Token will be hidden and you will see only a "Auth Token Available" message in this field.
- Host Name: The DNS name of the machine, where ServiceDesk Plus is hosted.
- Port Number: The port number on which ServiceDesk Plus is listening.
- Click the Regenerate button to generate a new Auth Token.
- Click Update to save the changes.
You can generate any number of Auth tokens from here. This option comes handy if you have lost the Auth Token that was generated during the initial configuration process. Whenever you generate a new Auth token, click Update for the change to take effect.
5. How Do Technicians Benefit from the Integration?
After the successful completion of the integration and configuring the required actions from the ServiceDesk portal, you can access the PAM360 portal and view the resources using the Custom Actions menu on the Request Details page, as shown below:
Using these options, the Technicians can remotely access the Windows server via RDP, and Linux and Mac machines over Telnet or SSH.