v37
Search docs
Kโ
Home
Guides
API Reference
v37
Home
Guides
API Reference
Getting Started
Introduction
Quick PrivX Setup
Quick SSH Access
Importing Users And Hosts
Configuring SSH Target Host to Accept PrivX Connections
Deployment
Overview
Release Notes for This Release
Preparing for Deployment
Get PrivX Software
Setting Up PrivX Components
Deploying PrivX to Amazon Web Services
Deploying PrivX to Google Cloud Platform: architecture blueprint
Deploying PrivX to Azure: architecture blueprint
Deploying PrivX to Oracle Cloud
Deploying to Kubernetes
High-Availability Deployment
License Management
Backup and Restore
Native SSH and RDP Clients
Production-Readiness Checklist
Integrating PrivX With XSOAR
Users and Permissions
Adding PrivX Users
Granting User Permissions
Managing Workflows
User Configuration
Additional Authentication Methods
Managing User Secrets
Password Change for AD and LDAP Users
Managing User Sessions
Authenticating to Hosts
Supported Authentication Methods
SSH Certificate Authentication
RDP Certificate Authentication
VNC Certificate Authentication
Script-Based Certificate-Authentication Setup
Certificate-Authentication Setup via Chef
Manual Certificate Authentication Setup
Public Key Authentication
Stored Passwords
Example VNC-Server Setup
Trusting Target-Host Identities
Connection Management
Setting up Hosts
Connecting via The PrivX GUI
SSH Connections with Native Clients
RDP Connections with Native Clients
Database Connections with Native Clients
Network Targets
Website Access via PrivX
AWS CLI Connection with Native Client
Monitoring and Managing Connections
Automatic M2M SSH Connections
Auditing
Viewing Audit Data
SIEM Integration
Session Recording
External Logging
Matching Certificate-Based-Login Messages
Audit Events Reference
Audit Event Details
Splunk Integration
UEBA Configuration
Exporting List Data
Advanced Configuration
Best Practices
SSL/TLS Security
PrivX-Server Configuration
Extender Configuration
Carrier and Web Proxy Configuration
API-Client Integration
Configuring Ephemeral Credential Access For Aws Api
Certificate Authentication For Code Repositories
Network Target Access
Rotating Stored Passwords
Ssh Command Restrictions
GUI Configuration
Admin Command-Line Tool
Disk-Space Alerts
Audit Event Indexing for Faster Searches
Password Management for AD/Entra Domains
Integrations
User Directories
Host Directories
HSM Providers
SCIM
ICAP Servers
PrivX as OIDC Identity Provider
Troubleshooting
General Troubleshooting
Connections fail with error Too Many Authentication Failures
Directory users are not listed
List users view does not display all attributes
Resolving x509: Common Name certificate error
All microservices fail to start except Keyvault
Deploy script fails to trust AWS CA TLS certificate
Windows login failures
Windows revocation failures
OpenSSH 7.8 Client Not Supported
Error "smart card logon is not supported for your user account"
Hosts with "Directory" Account Enabled not visible in Connections
Login with Correct Username and Password Fails
All Microservices apart from Keyvault down
AD that has previously worked fails
Error "Administratively prohibited" with Native Clients and Extenders
Error "Unable to connect to Extender/Carrier" during Web Connections
Error "Unable to connect to Web Proxy" during Web Connections
Error "Host cannot be redeployed" when deploying a new Cloned Host
Error "Bad Configuration Option: AuthorizedPrincipalsCommand" when running the deploy script
Microsoft Remote Desktop version 10 for Mac does not display text
Error "proxy server is refusing connections" during Web Connections on RHEL8
RDP native client times out
Error "USER-STORE [ERROR] Server error: listen tcp :8084: bind: address already in use" when running in Azure
OIDC Login
"[ERROR] DB connection failure: x509: certificate has expired or is not yet valid. Retrying in 15 seconds...
File transfer in RDP session is slow
Error "Remaining connection slots are reserved for non-replication superuser connections"
Permission errors when accessing PrivX audit folders
Password rotation does not work for Windows 2012 R2
Extender fails to register to PrivX because certificate expired
Installation and Upgrade Errors
Permission Denied When Accessing PostgreSQL-Database Targets
Knowledge Base
Search Syntax
PrivX microservices architecture
PrivX web access architecture
Websockets and the PrivX Carrier browser
Customizing the PrivX Carrier browser
PrivX RDP Admin Access Deployment in Multi-Domain Environment
Vault and M2M
Onboarding SSH target hosts to PrivX via Ansible
Onboarding SSH target hosts to PrivX via Chef
Onboarding AWS, Azure & Google Cloud SSH target hosts the simple way
Enabling TLS 1.3
Removing Hosts from Directories
Configuring Gitlab access through PrivX SSH certificate authentication
PrivX Analytics
Connection method vs feature matrix
Setting up and upgrading PrivX with custom network ports
Supported SSH Algorithms
Supported SFTP Protocol Versions
PrivX Settings
Granting Password-based root access via Roles
Requesting and granting roles, Passwordless Access
Passwordless SSH And RDP Access
PrivX AWS High Availability Installation tith two ELBs
How to install PrivX
OSS Acknowledgements
End-user license agreement (EULA)
Documentation Conventions
Previous Release Notes
PrivX Login Flow and State Storage
Changing PrivX database name, username or password
Changing notification mechanism to PostgreSQL
Migrate from CentOS 8
Merging changes Oon Extender/Carrier/WebProxy upgrade
Mapping Directory Users to Additional Accounts
Upgrade from Older Releases
Improve performance with indexing
Migrate from EOL Operating Systems
PrivX on Kubernetes
Managed Accounts as Reusable Credentials
Features Available During Zero-Downtime Upgrade
Certificate-Authentication Support in Full-Enforcement Domains
PrivX Comparisons
Kerberos
Guacamole
FAQ
Auditing & Reporting
Architecture
Authentication, Access Control and Identity Management
Buying And Trying
Compliance
Connectivity
Data Encryption
Data Retention
Functional Use Cases
Integrations And System Monitoring
Licensing
Miscellaneous
Operation Security Maintenance
Operational Technology (OT)
PrivX Components
Product Info
Product Features
Security
Session Recording and Playback
Support and Services
Tips and Tricks
PrivX LTS (Long-Term Support) Introduction
Getting Started
Introduction
Quick PrivX Setup
Quick SSH Access
Importing Users And Hosts
Configuring SSH Target Host to Accept PrivX Connections
Deployment
Overview
Release Notes for This Release
Preparing for Deployment
Get PrivX Software
Setting Up PrivX Components
Deploying PrivX to Amazon Web Services
Deploying PrivX to Google Cloud Platform: architecture blueprint
Deploying PrivX to Azure: architecture blueprint
Deploying PrivX to Oracle Cloud
Deploying to Kubernetes
High-Availability Deployment
License Management
Backup and Restore
Native SSH and RDP Clients
Production-Readiness Checklist
Integrating PrivX With XSOAR
Users and Permissions
Adding PrivX Users
Granting User Permissions
Managing Workflows
User Configuration
Additional Authentication Methods
Managing User Secrets
Password Change for AD and LDAP Users
Managing User Sessions
Authenticating to Hosts
Supported Authentication Methods
SSH Certificate Authentication
RDP Certificate Authentication
VNC Certificate Authentication
Script-Based Certificate-Authentication Setup
Certificate-Authentication Setup via Chef
Manual Certificate Authentication Setup
Public Key Authentication
Stored Passwords
Example VNC-Server Setup
Trusting Target-Host Identities
Connection Management
Setting up Hosts
Connecting via The PrivX GUI
SSH Connections with Native Clients
RDP Connections with Native Clients
Database Connections with Native Clients
Network Targets
Website Access via PrivX
AWS CLI Connection with Native Client
Monitoring and Managing Connections
Automatic M2M SSH Connections
Auditing
Viewing Audit Data
SIEM Integration
Session Recording
External Logging
Matching Certificate-Based-Login Messages
Audit Events Reference
Audit Event Details
Splunk Integration
UEBA Configuration
Exporting List Data
Advanced Configuration
Best Practices
SSL/TLS Security
PrivX-Server Configuration
Extender Configuration
Carrier and Web Proxy Configuration
API-Client Integration
Configuring Ephemeral Credential Access For Aws Api
Certificate Authentication For Code Repositories
Network Target Access
Rotating Stored Passwords
Ssh Command Restrictions
GUI Configuration
Admin Command-Line Tool
Disk-Space Alerts
Audit Event Indexing for Faster Searches
Password Management for AD/Entra Domains
Integrations
User Directories
Host Directories
HSM Providers
SCIM
ICAP Servers
PrivX as OIDC Identity Provider
Troubleshooting
General Troubleshooting
Connections fail with error Too Many Authentication Failures
Directory users are not listed
List users view does not display all attributes
Resolving x509: Common Name certificate error
All microservices fail to start except Keyvault
Deploy script fails to trust AWS CA TLS certificate
Windows login failures
Windows revocation failures
OpenSSH 7.8 Client Not Supported
Error "smart card logon is not supported for your user account"
Hosts with "Directory" Account Enabled not visible in Connections
Login with Correct Username and Password Fails
All Microservices apart from Keyvault down
AD that has previously worked fails
Error "Administratively prohibited" with Native Clients and Extenders
Error "Unable to connect to Extender/Carrier" during Web Connections
Error "Unable to connect to Web Proxy" during Web Connections
Error "Host cannot be redeployed" when deploying a new Cloned Host
Error "Bad Configuration Option: AuthorizedPrincipalsCommand" when running the deploy script
Microsoft Remote Desktop version 10 for Mac does not display text
Error "proxy server is refusing connections" during Web Connections on RHEL8
RDP native client times out
Error "USER-STORE [ERROR] Server error: listen tcp :8084: bind: address already in use" when running in Azure
OIDC Login
"[ERROR] DB connection failure: x509: certificate has expired or is not yet valid. Retrying in 15 seconds...
File transfer in RDP session is slow
Error "Remaining connection slots are reserved for non-replication superuser connections"
Permission errors when accessing PrivX audit folders
Password rotation does not work for Windows 2012 R2
Extender fails to register to PrivX because certificate expired
Installation and Upgrade Errors
Permission Denied When Accessing PostgreSQL-Database Targets
Knowledge Base
Search Syntax
PrivX microservices architecture
PrivX web access architecture
Websockets and the PrivX Carrier browser
Customizing the PrivX Carrier browser
PrivX RDP Admin Access Deployment in Multi-Domain Environment
Vault and M2M
Onboarding SSH target hosts to PrivX via Ansible
Onboarding SSH target hosts to PrivX via Chef
Onboarding AWS, Azure & Google Cloud SSH target hosts the simple way
Enabling TLS 1.3
Removing Hosts from Directories
Configuring Gitlab access through PrivX SSH certificate authentication
PrivX Analytics
Connection method vs feature matrix
Setting up and upgrading PrivX with custom network ports
Supported SSH Algorithms
Supported SFTP Protocol Versions
PrivX Settings
Granting Password-based root access via Roles
Requesting and granting roles, Passwordless Access
Passwordless SSH And RDP Access
PrivX AWS High Availability Installation tith two ELBs
How to install PrivX
OSS Acknowledgements
End-user license agreement (EULA)
Documentation Conventions
Previous Release Notes
PrivX Login Flow and State Storage
Changing PrivX database name, username or password
Changing notification mechanism to PostgreSQL
Migrate from CentOS 8
Merging changes Oon Extender/Carrier/WebProxy upgrade
Mapping Directory Users to Additional Accounts
Upgrade from Older Releases
Improve performance with indexing
Migrate from EOL Operating Systems
PrivX on Kubernetes
Managed Accounts as Reusable Credentials
Features Available During Zero-Downtime Upgrade
Certificate-Authentication Support in Full-Enforcement Domains
PrivX Comparisons
Kerberos
Guacamole
FAQ
Auditing & Reporting
Architecture
Authentication, Access Control and Identity Management
Buying And Trying
Compliance
Connectivity
Data Encryption
Data Retention
Functional Use Cases
Integrations And System Monitoring
Licensing
Miscellaneous
Operation Security Maintenance
Operational Technology (OT)
PrivX Components
Product Info
Product Features
Security
Session Recording and Playback
Support and Services
Tips and Tricks
PrivX LTS (Long-Term Support) Introduction
Auditing
โบ
Audit Events Reference