System and Method for As Needed Connection Escalation

摘要

A method includes selecting a first connection between a connection manager and a managed system, the first connection being associated with a first privilege level, communicating by the connection manager a first command to the managed system via the first connection, determining that a second command is executable on the managed system using a connection that is associated with a second privilege level, the second privilege level being a lower privilege level than the first privilege level, selecting a second connection between the connection manager and the managed system, the second connection being associated with the second privilege level, and communicating, by the connection manager, the second command to the managed system via the second connection.

主权项

1. A method comprising:
receiving, by a connection manager, a first command for a managed system from a command source, the first command associated with a first privilege level on the managed system; determining, by the connection manager, that the command source has a first privilege level authorization on the managed system in response to receiving the first command, the first privilege level authorization being associated with the first privilege level; establishing a first connection between the connection manager and the managed system in response to determining that the command source has the first privilege level authorization on the managed system, the first connection being associated with the first privilege level; communicating, by the connection manager, the first command to the managed system via the first connection; receiving, by the connection manager, a second command for the managed system from the command source, the second command associated with a second privilege level on the managed system, the second privilege level being a lower privilege level than the first privilege level; determining, by the connection manager, that the command source has a first privilege level authorization on the managed system in response to receiving the second command, the second privilege level authorization being associated with the second privilege level; establishing a second connection between the connection manager and the managed system in response to determining that the command source has the second privilege level authorization on the managed system, the second connection being associated with the second privilege level; and communicating, by the connection manager, the second command to the managed system via the second connection;