Managerial Approval Connection Reservation

for devices that require managerial approval for rdp/ssh/sftp/http proxy connections, users can make reservations for future dates to get their approvals before the planned activity to make a reservation for a single device, follow the steps below navigate to devices > inventory > reservation tab select target type as single device by clicking the + button start typing the host info in the host field and select the device that appears in the search results select a connection username if the reservation is specific to a connection username, then click the add button by default, users can enter a description in the reason field; this field is optional however, if desired, this field can be made mandatory by using the system parameter aioc connection reservation reason required you can find the details of this parameter in docid\ ii2vctbabmyk3zqmwyoel to add more devices to the reservation target list, repeat steps 2 to 4 with the next button, select time start and time end and click add reservation you can also add a device group to your target selection to add a device group, follow the steps below navigate to devices > inventory > reservation tab select target type as device group after clicking the plus + button start typing the host info in the host field and select the device group that appears in the search results select a connection username if the reservation is specific to a connection username, then click the add button optionally type a description in the reason field to add more device groups to the reservation, repeat steps 2 to 4 with the next button, select time start and time end, and click add reservation instead of a device, a remote application can also be added to the connection reservation (see docid\ fesi78lcdbqhqvg 2vmvk for more details) to add a remote application, follow the steps below navigate to devices > inventory > reservation tab select remote application as the reservation type after clicking the plus + button remote app name , rdp server , remote app user , and connection username fields will appear select the name of the remote application from the remote app name combo box the rdp devices in the device groups for which the selected remote app is enabled will appear in the rdp server combo box select one of them, or all of them to specify on which server the remote app connection is to be established the usernames available in the remote application auto login process will appear in the remote app user combo box select one of them, or all of them to specify which remote app user will be used during auto login the usernames enabled for the rdp server itself will appear in the connection username combo box select one of them, or all of them optionally type a description in the reason field to add more remote applications to the reservation, repeat steps 3 to 8 with the next button, select time start and time end and click add reservation any connection reservation request can include multiple single devices, device groups, and remote applications all at once user g roup managers can make reservations on behalf of the members of their groups to enable this ability, the reservation on behalf of group member function group must be added to the portal functions of the user group after adding the function group, a field called for user appears in the connection reservation tab when the group managers log in after completing these steps, the reservation record will appear in the my approvals list on the dashboard, and the manager responsible for approvals will receive the approval request email both the search results and the email include an approval id number this number can be used when searching for reservations in my approvals, reservations, and logging screens if the manager approves the request, the user can connect to the device(s) with the connection username within the specified reservation times if the manager does not approve or reject the request before the reservation end time, expired requests are indicated on the my approvals list by showing an expired status for such requests when you want to start the connection reservation process via email, the manager receives an email that includes this header \<instancename> connection reservation approval notification #\<approvalid> if you want to enable expiry notification of connection reservations, the aioc connection reservation expiration alert before values parameter should be saved as number of days on the system config manager thanks to this parameter, users can submit reservation requests again to extend the connection end time if the allow\ changing reservation time by approver system parameter set as true, the approver will be able to change the reservation time (start time and/or end time) during approval and kron pam will notify the requester of the time window change users should configure the kill session on reservation end parameter in the system configuration manager screen to ensure that sessions are terminated after the specified reservation time ends for more details about this parameter, please refer to docid\ ii2vctbabmyk3zqmwyoel users can be prevented from submitting reservation requests that exceed a certain duration (e g , 90 hours/days) when requesting approval through the system if the aioc connection reservation max allowed hours is defined (e g , 2160 hours = 90 days), users will not be able to submit reservation requests that exceed this limit when a user enters a duration beyond the limit on the reservation screen, the following warning message will be displayed " requested approval duration exceeds the allowed limit of 90 days ”