Portal
Forum
Devolutions Force
Hub Business
Hub Personal
Devolutions Send
Devolutions Academy
RDM
Workspace
Launcher
We’re excited to introduce the latest version of Devolutions PAM, our first major update of the year: version 2025.1! This update brings several powerful new features designed to enhance security and flexibility, making it easier to manage privileged accounts across various systems. Let’s dive into what’s new and how these changes can streamline your workflows.
PAM-specific permission support
PAM accounts now support specific permissions such as resetting passwords, forcing check-ins, or reading logs. Lock down your PAM accounts even further with these PAM-specific permissions!
Import all admin accounts with the Active Directory built-in PAM provider
Every organization is unique, and not all Windows local administrative accounts are equal. When managing privileged access, import all administrative accounts instead of just the default to support even more scenarios!
Just-in-time account creation and deletion
Once enabled under a supported provider, such as Active Directory, navigate to Advanced Settings and configure the JIT template account creation location. Now, when you check out a PAM account with just-in-time settings, a new temporary account with the requested permissions is created for the duration of the checkout.
Devolutions PAM in RDM
You can now configure, discover, and import accounts from Devolutions PAM directly within RDM, accommodating you wherever you want to work. You no longer need to navigate to the web interface to configure providers and propagation scripts or discover and import accounts!
Enhanced SSH key management in PAM
Manage your SSH keys in one place with the new SSH Key built-in provider for Devolutions PAM. Rotate and positively control SSH keys across systems and ensure you know who has what accesses!
The account used by the PAM SSH Key provider requires access to all authorized_keys files, where Devolutions PAM will manage the accounts. Running StrictModes is recommended in SSH configurations; one way to keep this configuration and support Devolutions PAM is via the following commands. The setfacl command requires a filesystem that supports ACLs.
setfacl -m u:pamprovideraccount:--x /home/account
setfacl -m u:pamprovideraccount:--x /home/account/.ssh
setfacl -m u:pamprovideraccount:rw /home/account/.ssh/authorized_keys
We're continually improving this functionality and adapting it to work on various systems, such as those that do not support ACL.
Tell us what you think
We’d love to hear your thoughts on the new features in Devolutions PAM 2025.1! How do these updates affect your daily operations? Have you found a particular feature to be especially useful? Share your feedback with us in the comments section below or on our forum, and let us know how we can continue to enhance your experience.
About Devolutions PAM
Easy to implement and scalable, Devolutions PAM is the ideal privileged access management (PAM) solution for small to medium-sized businesses (SMBs) looking to enhance their security posture while maintaining operational efficiency. Designed to protect, control, and monitor access to critical assets within any IT infrastructure, Devolutions PAM provides a powerful set of tools for managing privileged credentials and sessions, offering deep security, visibility, and accountability across the enterprise. Available as a module for Devolutions Server or Devolutions Hub Business and as a seamless integration with Remote Desktop Manager, Devolutions PAM ensures robust access control, mitigates privileged account risks, and secures remote sessions — all while being reasonably priced for SMBs.
