Create a project

To create a project:

  1. Click Projects.
  2. Click Create Project.
  3. Enter an name to identify the project. It may contain letters, numbers, and dashes (-), underscores (_), or periods (.).
  4. Select the Require Preauthorization check box if you want Advanced Server Access to only issue credentials to preauthorized users.
  5. Choose whether to provision users when a server is enrolled in the project, or to provision users on demand.

    To use the default method of provisioning users when a server is enrolled to the project, select Disabled from the On Demand User TTL (Time to Live) drop-down box.

    To provision users on an on-demand basis, select a time value from the On Demand User TTL drop-down box (for example, 14 days). When a TTL value is set for the project, then an account for a user is provisioned when the user signs in to the server. After the TTL period has passed, or when the user signs out, the account is removed from the server.

    Note: To use on demand users, your servers must be configured to allow the Advanced Server Access agent to be accessible from port 4421 of the previous network hop. For example, if your client uses a bastion to connect to the server, then the Advanced Server Access agent must be accessible from port 4421 of the bastion. In the case where the client connects directly to the server, then the Advanced Server Access agent must be accessible from port 4421 of the client.

  6. Set the initial Unix UID and GID values that Advanced Server Access will use to assign Unix user IDs and group IDs, respectively. You can also explicitly assign UID and GID values to a user. See User and group attributes.
  7. The Manage Server Users option is selected by default. This lets the Advanced Server Access agent create and manage local user accounts on your servers. The agent will create an account on each server in the project for every user in the groups that belong to the project. You can view a list of these accounts in a project by selecting the Users tab.

    Clear the Manage Server Users check box if you don't want the agent to manage server accounts.

  8. Click Submit to create the project.

Related topics