Chapter 18. Advanced authentication and authorization techniques

18.1. Configuring usermapping policies
18.2. Configuring gateway authentication
18.2.1. Configuring out-of-band gateway authentication
18.2.2. Performing out-of-band gateway authentication on PSM
18.2.3. Performing inband gateway authentication in SSH and Telnet connections
18.2.4. Performing inband gateway authentication in RDP connections
18.2.5. Troubleshooting gateway authentication
18.3. Configuring 4-eyes authorization
18.3.1. Configuring four-eyes authorization
18.3.2. Performing four-eyes authorization on PSM
18.4. Using credential stores for server-side authentication
18.4.1. Configuring local Credential Stores
18.4.2. Performing gateway authentication to RDP servers using local Credential Store and NLA
18.4.3. Configuring password-protected Credential Stores
18.4.4. Unlocking Credential Stores
18.4.5. Using Lieberman ERPM to authenticate on the target hosts
18.4.6. Using a custom Credential Store plugin to authenticate on the target hosts
18.5. Integrating external authentication and authorization systems
18.5.1. How Authentication and Authorization plugins work
18.5.2. Authorizing connections to the target hosts with a PSM plugin
18.5.3. Performing authentication with AA plugin in terminal connections
18.5.4. Performing authentication with AA plugin in Remote Desktop connections
18.5.5. Integrating ticketing systems
18.6. Ingesting logs with PSM
18.7. Creating a custom plugin
18.7.1. The available Python environment
18.7.2. File structure of a plugin
18.7.3. Plugin versioning
18.7.4. Troubleshooting plugins

This chapter describes the advanced authentication and authorization techniques available in PSM.