What do you like best?
For the price, this product cannot be beat. It does most, if not all, the same things as the fancier (and much pricier) competitors. I configured it to discover AD computers and users. During this discovery, it finds local services and scheduled tasks on every server, running under service account privileges, whether local or domain. For some AD user accounts (service accounts) it is rotating them on my various schedules. For all domain computers, it is rotating their local accounts on different schedules. It is doing everything I had Thycotic Secret Server doing at 1/4th the cost.
Their support is willing to get on webex's fairly quickly to walk through and resolve issues, even including developers to really dive into the weeds. Fixes/patches have been quick to be released on issues thus far.
I also love that it can be a jump box where I can force users who want to RDP to a server, to do so thru PMP. They must use PMP, browse to the server in question, and PMP will launch an RDP session for them. Plus, it records their session. Excellent!
What do you dislike?
I might have been biased coming from Secret Server, which I found very intuitive, but this product uses terminology and some steps I just find not intuitive and confusing. I think their owner/sharing/permissions strategy is flawed, which makes the configuration overly cumbersome. Resources must have owners (which I think is a flaw), but if that Resource is part of a group owned by someone else, things like password reset get wonky and probably fail. I've just made every resource "owned" by the same account to solve the problem. However, I feel like my role based access control is now broken in that if other admins were to start adding Resources, it would quickly get messy. Luckily I don't have that problem but I can see it happening. This "owner" concept also is a bad idea because what if an owner leaves the company, now someone has to go into PMP, find all Resources owned by that guy, and re-assign. It's a pain and would just be better without the concept of an owner, but merely using permissions/RBAC to control access to Resources.
Recommendations to others considering the product
Don't sweat the off shore support, those guys are good. I think it's an Indian company anyway so technically they are not off-shore from where the company is.
Can't speak for the API stuff, but I would say it matches everything Secret Server does, albeit in a less intuitive manner.
What business problems are you solving with the product? What benefits have you realized?
The main problem solved is password managed / privileged user access. Local server accounts and domain privileged accounts were rarely, if ever, rotated as no one knew where the accounts might be used. PMP automatically discovers those links and handles them all. I've also used this tool to forcibly negate other admins from storing passwords in other, non-approved methods. Since PMP rotates passwords very frequently, in some cases daily, the other non-approved methods are quickly out of date and admins are forced to use PMP to get the latest password.