Skip to main content
Skip table of contents

Password Management


The Password Management (PAM) feature allows the credentials of shared privileged accounts to be securely stored and managed by using secrets (where these credentials are stored in encrypted form in the database), and role-based access control to be implemented. The system supports the JIT (Just in Time) PAM (Privileged Access Management) approach.

NOTE: This feature is only available with an activated serial key for the Enterprise Edition of Ekran System.


Either a Terminal Server license or a Terminal Server (Limited Sessions) license needs to be assigned to the Windows Client (jump server) computer via which users will get access to critical endpoints by using the Ekran System Connection Manager.

NOTE: A Workstation license can alternatively be assigned without the use of a jump server computer, if no more than one concurrent session is required.


A stand-alone component of Ekran System, called Ekran System Application Credentials Broker (ACB) is also available, which is a REST API integration tool designed to allow customers to securely (with access token rotation) get the PAM secrets data for applications, without needing to log in to the Management Tool, in order to use for their own business purposes.


Table of Contents

Getting Started with Password Management
Configuring Password Management
Configuring a Client Computer to Use the Ekran System Connection Manager
Managing Secrets
Using Secrets


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close