Primary user tracking
What's covered
Configure User Logon Inventory Policy
Configure Default Update Primary User for Collection Task
Manually Override the Primary User
Overview
Local Security Solution (LSS) can track user logons in order to determine the primary user for each machine. The Thycotic Local Security Agent collects logon and logoff events and reports them as inventory data. The Default Update Primary User for Collection task calculates the primary user on AMS. The primary user and associated inventory data can then be viewed in Resource Manager.
Configure user logon inventory policy
The Thycotic Local Security Agent collects logon and logoff events from windows on a schedule configured via the User logon inventory policy.
- Open the Policies tab in the Arellia Security Manager console.
- In the policies tree navigate to Policies > Thycotic Solutions > Local Security > Policies > User Logon Inventory Policy.
- Configure the schedule and the targeted computers and click Save.
You can collect logon events immediately by running the Collect Windows Logon Events which you can find in the Tasks tab, Jobs And Tasks section, navigate to Jobs and Tasks > Client Tasks > Local Security > Collect Windows Logon Events.
Configure default update primary user for collection task
The default update primary user for collection task calculates the primary user on a schedule from inventory data.
- Open the Tasks tab in the Thycotic Security Manager console.
- Open the Jobs and Tasks section on the left.
- Navigate to Jobs and Tasks > Server Tasks > Local Security > Default Update Primary User for Collection.
- Configure the settings and schedule and click Save.
You can run the Update Primary User task at any time to immediately recalculate the primary user for all computers in the selected collection.
View primary user
Using LSS, you can view a computer on your network and find out who the primary user is by doing the following steps:
- In the Thycotic Security Manager, click Resources.
- In the file library in the left pane, navigate to Default > All Resources > Asset > Network Resource > Computer.
- In the right pane, right-click a computer and then click Show Primary User.
In Resource Explorer
In the Resource Explorer in the upper left corner, the Primary User is included with the computer information.
Manually override the primary user
You can manually override the Primary User of a computer by doing the following steps:
- In the Resource Explorer in the lower left corner under Actions, click Show Primary User.
- In the Computer Primary User dialog box, select the Override checkbox.
- Click the Select... link.
- In the Select Resource dialog box, double-click the name you want to be listed as the primary user.
- In the Computer Primary User dialog box, click okay.