Devolutions ForumDevolutions Forum

JIT Configuration - Powershell Module

Implemented

JIT Configuration - Powershell Module

0 vote

avatar
npascuas

Hello,

We want to be able to configure the JIT settings using the powershell module, Is that something that could be added?

Regards,

Nicolas Pascuas

All Comments (2)

avatar
Maxime Bernier

Hello Nicolas,

Thank you for your request. A ticket will be opened to implement it.

Regards,

Maxime Bernier

avatar
Maxime Bernier

Hello,

The version 2023.3.0 of the Devolutions.PowerShell module allows you to edit the JIT settings of PAM providers.

To do so, Update-DSPamProvider has a new parameter: InputObject. It accepts PAM provider object, such as those obtained from Get-DSPamProvider. So you can modify the object directly (property JitElevationSettings) before updating it.

Two others cmdlets have been implemented:

  • Get-DSADGroup: For domain providers, it returns the groups present in an OU. The ProviderID parameter is required, and the DN parameter indicate the distinguished name of the OU containing the groups.
  • Get-AzureADGroup: For Azure providers, it returns all groups.


In both cases, a AsJITSettings switch can be used to wrap the groups in the corresponding JIT settings object. It is useful if the JITElevationSettings is not defined.

Let us know if you need anything else,

Best regards,

Maxime

Closed