Authorized users can define the target devices’ users as Password Vault accounts. When configuring a dynamic Password Vault account, Kron PAM establishes a connection to the target system and changes the old password with a random password generated by the Password Vault. The new password is encrypted and stored on the Kron PAM database.
To add a Dynamic account:

(type of the target system). Kron PAM has pre-defined configurations for Password Vault, but any device configuration can be added from the Configuration tab. This is detailed in the upcoming sections: Account Group Name, Owner of Vault,  Enter Account Name, Private, Enable /Disable Duallock, and Additional Information (Description, Secret Notes, Additional Info, and Account Tags).

 is available on the Vault Definition screen, and the admins can specify when the passwords are to be changed.

If the change period type is selected as 

 textbox appears, and the Password change frequency information (in days) can be entered in that field.

 combo box appears on the screen with the following choices:

, then all days of the week appear on the screen, and the days on which the password needs change can be selected. It is possible to select more than one day. Additionally, it is possible to define the time of day at which the password is desired to be changed from the 

, day of the month on which the password is to be changed needs to be selected. After selecting the 

 value, it is also necessary to choose how many months need to go by before the next password change is triggered automatically.

Private, Change the period, Owner, Username, Password, and Configuration. 

, when the relevant Configuration is selected in the Vault account definition screen, the parameters defined in the config are shown on the screen and cannot be changed by the user.

. If there is a change in the values on a 

, the values of all vault accounts belonging to this configuration will be updated when the first password change job runs.
Chiefly, if a

Miscellaneous > Account Level Properties > Change Period 

when the relevant Configuration is selected in the vault definition screen, this new Account Level Properties Change Period parameter will be most dominant for new accounts and can’t be changed by users.

Learn how to configure and add a SAPM account for your system to define privileged users on target devices. Find out how a SAPM account establishes a secure connection and generates encrypted passwords. Follow the steps to add a Dynamic account in the SAP

Adding Dynamic Accounts in Password Vault

Adding Dynamic Configured Static Accounts in Password Vault

Adding Static Configured Static Accounts in Vault

Export Vault Account

Account Tags

Adding Accounts in Password Vault

3.8.0 Kron PAM Web GUI

License Manager

Email Server Configuration

Language Settings

Menu Lists Management

System Configuration Parameters

Enabling Push Notifications for Kron PAM Mobile Client Application

Enabling HTTPS on the Kron PAM Web GUI

Backup Management

SAML Authentication

Hardware Security Module (HSM) Integration

Windows Authentication on the Kron PAM GUI

PKI Authentication

SMS Configuration

Logo and Background Customization

Multitenancy

Kron PAM Administration

Manual User Creation

Kron PAM Users Search

User Actions Menu

Editing Kron PAM Users

Editing User Properties

Temporary User

Local User Bulk Import

New User Request

Force New User to Change Password 

User Password Strength Settings 

User Password Hash Algorithm Settings

Notifying Inactive Users Before Lock

LDAP/Active Directory Integration

User Group Creation

Assigned Credentials

SSH Keys Manager

User Management

Element Type

Device Groups

Device Inventory

Device Management

Policy Key Creation

Policy Groups Creation

Device Realm Creation

Policy Tracking

Policy Management

Managerial Approval for Connections 

Managerial Approval Connection Reservation

Managerial Policy Reservation

Managerial Approval for Commands

Managerial Approval in Shared Account Password Manager (Vault)

Approval Workflow

Approval Workflow SMS Settings

Approval Management

SSH Proxy

RDP Proxy

HTTP Proxy

Advanced Authorization Methods

User and Entity Behavior Analytics

Session Manager

Password Vault

Application Token

Audit

Vault Agent

Secrets

Sending the MFA QR Code to Users

Creating a Connection Between Kron PAM and the Kron PAM Mobile Client Application

Enabling Multi-Factor Authentication (MFA)

Using MFA to Log in to the Kron PAM Web GUI

Using MFA to Log in to the Kron PAM Desktop Client

Using MFA for SSH Connections

Using MFA for RDP Connections

Using MFA for SSH Proxy

Using MFA for HTTP Proxy

Using MFA for SFTP Proxy

Using MFA for TACACS+ Manager

Using MFA for Radius

Using MFA for Kron PAM Mobile Client Application

Using MFA for Secure Remote Access

Offline Mode Settings

Using SMS for MFA

Using E-mail for MFA

User Token Management

Using Hardware Tokens for MFA

Using Authentication Key (FIDO Key) for MFA

Using Keystroke for User Behavior Analytics

MFA Configurations for VPN Services

External MFA Providers

Multi-Factor Authentication

Basic Configurations for Unified Access Management

MSCHAPv2 RADIUS Configuration

TACACS+ Management Configuration Page 

Unified Access Manager

Sensitive Data Discovery

SFTP Proxy

Data Access Manager

Importing Devices from Amazon Web Services

Importing Devices from Microsoft Azure

Importing Devices from the Google Cloud Platform

Cloud PAM

CSP Account Definition

Enabling CIEM Service

Cloud Infrastructure Entitlement Management (CIEM)

Creating Script Group

Creating Script

Adding a Script Realm

Running a Script

Privileged Task Automation Logs

Privileged Task Automation

Kron PAM Logs

Active Sessions and Dual Control

System Log Viewer

SIEM Configuration

Reports

Threat Analytics and Response Dashboard

Tamper-Evident Logging

Kron PAM Reporting and Logging Functions

Monitoring

Alarms

Alarm Configuration

Monitoring & Alarms

Watchdog Configuration 

Watchdog Mechanism

High Availability

Failover Scenario

Visualizing Reports and User Rights

Creating Charts for Reporting

Creating Dashboards

Scheduling Reports

Dynamic Reports

Reporting

Logical Architecture

Tenant Management Requirements 

Tenant Management Interface

Administration by Tenant Admins

System Config Manager Parameters for Multitenancy

DevOps Integration

Kron PAM Remote Access Portal

Secure Remote Access Connector

Remote Access Configuration in Kron PAM

Kron PAM Remote Access

APPENDIX 1: System Config Manager Parameters

APPENDIX 2: Job Descriptions for Job Scheduler

Reference Guide