Add System/Machine Users

System users are specialized service or administrator accounts created within remote machines, such as databases, Windows systems, or Linux environments. These accounts execute automated tasks and operations, ensuring seamless system functionality without requiring constant human intervention.

This guide provides a comprehensive, step-by-step walkthrough to manage system users in miniOrange PAM, including adding new accounts, configuring credentials, and assigning resources.

How to Manage System Users

Follow these steps to add and configure a system user effectively:

Accessing the System Users Section

Open the miniOrange PAM dashboard.
Navigate to the side menu.
Select System Users.
Click Add System User to open the configuration window.

Navigating the miniOrange PAM dashboard to add a system user

Adding a System User

The Add System User interface consists of three sections:

General
Resources
Rotator Details

General

The General section contains fields to define the system user's basic details and authentication credentials.

Fields

Add your system Display username and system username.

General section for configuring system user details and authentication credentials.

Pro Tip: Ensure your password is 12 characters long and include at least one special character for better security.

Authentication Credentials

You have an option to add a password or a key.
Enter the password and click on Next.

Authentication credentials section for configuring a system user password, key, certificate, or token.

Certificate/Token: Provide the system user’s certificate or token:

Enter Manually: Type the certificate details.
Upload File:
- Click Upload.
- In the pop-up, click Choose File to upload the certificate file (Max size: 20 MB).
- Click Import.

Passphrase: Enter the passphrase for the certificate or token (if required).
Mark as Complete: Check this option to confirm the user setup.

Authentication credentials section for configuring a system user key, certificate, or token.

Resources

This section enables you to map various resources to a system user, such as Assets, Applications, and Web Apps that are already configured within miniOrange PAM.

Server: Select the server (e.g., "Server01") from the dropdown menu.
Databases: Choose an database (e.g., "PostgreSQL") from the dropdown menu.
Web Applications: Select a web applications (e.g., "AWS Management Console") from the dropdown menu.
Click on Next.

Rotator Details

Rotator Details specifies the credentials and method for rotating the system user’s password, thus enhancing security. This policy works alongside the Password Policy to ensure that passwords are not just secure but also regularly updated.

Rotator Type: Select the desired rotator type from the dropdown menu. If credentials are managed at an Active Directory, select AD, else if your credentials are local, select NON AD.
Rotator Instance: Select the relevant rotator instance from the dropdown menu.

Note: Define the rotator type and instance to match the specific credential rotation needs of your organization.

After completing all three sections, click Add to save the new system user.

Warning: Double-check all configurations before marking the setup as complete.

System/Machine User Management

Once the system/machine user is configured successfully, you can locate the system users on the main menu.

Manage System/Machine Users in miniOrange PAM

If you need to manage a system/machine, you can do it from the main page.
Locate Action >> select the required option from the dropdown.

Action	Option Overview
Edit	With the edit option, you are able to alter the details you have added in the configuration section.
Delete	Delete the selected resource from the dashboard

Contents