Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            How To: Retrieve credentials from Osirium PAM

            Modified on Fri, 26 Jan 2024 at 05:00 PM

            Summary

            If you are required to replace Osirium PAM, there is key information such as account credentials, session recordings etc that you may wish to extract from the PAM Server before it is decommissioned.


            This article provides instructions on how to retrieve credentials for all Known, Managed and control accounts from the PAM Server and export them in a KeePass file. For a full list of recommended offboarding tasks see Offboarding Data from Osirium PAM.


            Applicable Versions

            9.0.x


            Details


            Note

            User MUST have an Osirium PAM role of Owner to carry out this task. 


            To retrieve credentials for all Known, Managed and control accounts from Osirium PAM:

            1. Within the Admin Interface click Accounts in the left-hand menu.
            2. On the Manage accounts page, click on the GENERATE BREAKGLASS button. 
            3. Within the Generate breakglass window, enter the required details:
              HeadingDescription
              My passwordYour Osirium PAM logon password.
              KeePass passwordThe password that will be used to encrypt the breakglass file.
              NOTE If a password policy has been configured then this password must conform to the policy settings. See PAM Server local password policy.
              KeePass password againConfirm the above.
            4. Click GENERATE.  
            5. Within the Question window, click YES once you have confirmed the file has been downloaded.  Depending on your setup, the file will be downloaded as follows: 
              • If your Admin Interface is NOT being recorded and depending on how your browser is set up, the file will either be downloaded or you will be prompted to select a location to save the file. 
              • If your Admin Interface is being recorded, then you will need to use the Shared Drive to download the file. Click here for more information.
            6. On your workstation, find the location of the downloaded Backup file and extract it to a suitable location. You will see the breakglass.kdbx file listed.  To view the .kdbx file you will need a Keepass Password Safe application https://keepass.info/download.html.
            7. Open the .kdbx file within your Keepass Password Safe application.
            8. Enter the Backup breakglass passphrase configured in the Admin Interface.
            9. Within the KeePass Password Safe window, select the device in the left-hand menu that you want to reveal the password for.
            10. In the right-hand window, select the account, right-click, and select Copy Password from the menu.
            11. The password copied from the KeePass breakglass file is copied to you local clipboard and available to be pasted.



            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select atleast one of the reasons

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0