User Types for Remote Privileged Access Management

in kron pam, users are separated into “pamonly” , “pamlimited\&rpam” , and “pam\&rpam” user types · the pamonly ( only internal as it is known in previous releases) user type can use web gui and desktop client to access the kronpam servers and use all features except for remote privileged access management · the pamlimited\&rpam ( only external as it is known in previous releases) user type can use remote privileged access management features and solely access device management on the kron pam web gui and desktop client (though over permissions can be granted to this user type, the user still can only access device management on the kron pam web gui and desktop client), · the pam\&rpam ( remoteaccessenabled as it is known in previous releases) user type can use both remote privileged access management and features on the kron pam web gui and desktop client together user type web gui & desktop client remote privileged access management pamonly yes no pamlimited\&rpam limited (device management only) yes pam\&pram yes yes two remote privileged access management boolean flags should be defined to handle user types these flags are attached to user groups and users the boolean flag attached to the user group shows whether the members of the user group are pam\&rpam or pamonly user types altogether this flag can be called pam\&rpam , and if this flag is true, the members of the user group are pam\&rpam user types, if this flag is false, the members of the user group are pamonly user types the boolean flag attached to the user shows whether the user is pamonly , pam\&rpam or pamlimited\&rpam user type this flag can be called pamlimited\&rpam , and if this flag is true, the user is pamlimited\&rpam user type and if this flag is false, the user is either pam\&rpam or pamonly depending on his/her group pam\&rpam ’s value pam\&rpam flag pamlimited\&rpam flag user type true true pamlimited\&rpam true false pam\&rpam false true pamlimited\&rpam false false pamonly