diff --git a/apps/applications/migrations/0019_databaseapp_kubernetesapp_remoteapp.py b/apps/applications/migrations/0019_databaseapp_kubernetesapp_remoteapp.py
index ae70ef606..6b78c5f42 100644
--- a/apps/applications/migrations/0019_databaseapp_kubernetesapp_remoteapp.py
+++ b/apps/applications/migrations/0019_databaseapp_kubernetesapp_remoteapp.py
@@ -3,6 +3,12 @@
 from django.db import migrations
 
 
+def drop_old_permissions(apps, schema_editor):
+    content_type_model = apps.get_model("rbac", "ContentType")
+    db_alias = schema_editor.connection.alias
+    content_type_model.objects.using(db_alias).filter(platform__startswith='Win').update(protocol='rdp')
+
+
 class Migration(migrations.Migration):
 
     dependencies = [
diff --git a/apps/applications/serializers/application.py b/apps/applications/serializers/application.py
index 25171f181..9b62d1dc1 100644
--- a/apps/applications/serializers/application.py
+++ b/apps/applications/serializers/application.py
@@ -119,7 +119,8 @@ class AppAccountSerializer(AppSerializerMixin, AuthSerializerMixin, BulkOrgResou
             'username': {'default': '', 'required': False},
             'password': {'write_only': True},
             'app_display': {'label': _('Application display')},
-            'systemuser_display': {'label': _('System User')}
+            'systemuser_display': {'label': _('System User')},
+            'account': {'label': _('account')}
         }
         use_model_bulk_create = True
         model_bulk_create_kwargs = {
diff --git a/apps/jumpserver/settings/_xpack.py b/apps/jumpserver/settings/_xpack.py
index 9f4319a35..322740201 100644
--- a/apps/jumpserver/settings/_xpack.py
+++ b/apps/jumpserver/settings/_xpack.py
@@ -6,6 +6,7 @@ from .. import const
 from .base import INSTALLED_APPS, TEMPLATES
 
 XPACK_DIR = os.path.join(const.BASE_DIR, 'xpack')
+# XPACK_ENABLED = False
 XPACK_ENABLED = os.path.isdir(XPACK_DIR)
 XPACK_TEMPLATES_DIR = []
 XPACK_CONTEXT_PROCESSOR = []
diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo
index bfd131464..64bd4ddc2 100644
--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:2f386ac5fff4a8cb0aeb156601148716981c2bbbb14b9162955b3d0dc95da70d
-size 107823
+oid sha256:4503a69c7536bf3ae9c6ad4c7ec5e5ad48e3a1672239b8ccdb7b100cb79860c1
+size 107862
diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po
index e16051875..bfc3ed988 100644
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: JumpServer 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-03-10 15:35+0800\n"
+"POT-Creation-Date: 2022-03-10 10:33+0800\n"
 "PO-Revision-Date: 2021-05-20 10:54+0800\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: JumpServer team<ibuler@qq.com>\n"
@@ -129,7 +129,7 @@ msgstr "登录访问控制"
 
 #: acls/models/login_asset_acl.py:21
 #: applications/serializers/application.py:122
-#: applications/serializers/application.py:166
+#: applications/serializers/application.py:167
 msgid "System User"
 msgstr "系统用户"
 
@@ -397,10 +397,14 @@ msgid "Date updated"
 msgstr "更新日期"
 
 #: applications/serializers/application.py:121
-#: applications/serializers/application.py:165
+#: applications/serializers/application.py:166
 msgid "Application display"
 msgstr "应用名称"
 
+#: applications/serializers/application.py:123
+msgid "account"
+msgstr "账号"
+
 #: applications/serializers/attrs/application_category/cloud.py:8
 #: assets/models/cluster.py:40
 msgid "Cluster"
diff --git a/apps/rbac/builtin.py b/apps/rbac/builtin.py
index 4d9f7bc8d..df3820765 100644
--- a/apps/rbac/builtin.py
+++ b/apps/rbac/builtin.py
@@ -26,6 +26,9 @@ user_perms = (
     ('rbac', 'menupermission', 'view', 'filemanager'),
     ('perms', 'permedasset', 'view,connect', 'myassets'),
     ('perms', 'permedapplication', 'view,connect', 'myapps'),
+    ('perms', 'permedkubernetesapp', 'view,connect', 'mykubernetesapp'),
+    ('perms', 'permedremoteApp', 'view,connect', 'myremoteapp'),
+    ('perms', 'permeddatabaseapp', 'view,connect', 'mydatabaseapp'),
     ('assets', 'asset', 'match', 'asset'),
     ('assets', 'systemuser', 'match', 'systemuser'),
     ('assets', 'node', 'match', 'node'),
diff --git a/apps/rbac/const.py b/apps/rbac/const.py
index b42f7ff3a..a720e58b5 100644
--- a/apps/rbac/const.py
+++ b/apps/rbac/const.py
@@ -26,9 +26,6 @@ exclude_permissions = (
     ('users', 'userpasswordhistory', '*', '*'),
     ('applications', 'applicationuser', '*', '*'),
     ('applications', 'historicalaccount', '*', '*'),
-    ('applications', 'databaseapp', '*', '*'),
-    ('applications', 'k8sapp', '*', '*'),
-    ('applications', 'remoteapp', '*', '*'),
     ('assets', 'adminuser', '*', '*'),
     ('assets', 'assetgroup', '*', '*'),
     ('assets', 'cluster', '*', '*'),
diff --git a/apps/rbac/migrations/0006_auto_20220307_1558.py b/apps/rbac/migrations/0006_auto_20220307_1558.py
index 7c4249271..0790e5c83 100644
--- a/apps/rbac/migrations/0006_auto_20220307_1558.py
+++ b/apps/rbac/migrations/0006_auto_20220307_1558.py
@@ -8,6 +8,7 @@ def delete_unused_permissions(apps, schema_editor):
     content_type_model = apps.get_model('rbac', 'ContentType')
     content_type_delete_required = [
         ('common', 'permission'),
+        ('applications', 'k8sapp'),
     ]
     for app, model in content_type_delete_required:
         content_type_model.objects.filter(app_label=app, model=model).delete()
diff --git a/apps/rbac/tree.py b/apps/rbac/tree.py
index 4b2efda86..69ac94b37 100644
--- a/apps/rbac/tree.py
+++ b/apps/rbac/tree.py
@@ -72,7 +72,7 @@ special_pid_mapper = {
     'xpack.applicationchangeauthplanexecution': 'app_change_plan_node',
     'xpack.applicationchangeauthplantask': 'app_change_plan_node',
     'xpack.changeauthplan': 'asset_change_plan_node',
-    'xpack.changeauthplanexecution': 'asset_change_plan_node',
+    'xpack.changeauthplanexecution': 'gather_account_node',
     'xpack.changeauthplantask': 'asset_change_plan_node',
     "assets.gathereduser": "gather_account_node",
     'xpack.gatherusertask': 'gather_account_node',
@@ -91,6 +91,12 @@ special_pid_mapper = {
     'perms.view_myapps': 'my_apps',
     'perms.connect_myapps': 'my_apps',
     'ops.commandexecution': 'view_workspace',
+    "perms.view_mykubernetsapp": "my_apps",
+    "perms.connect_mykubernetsapp": "my_apps",
+    "perms.view_myremoteapp": "my_apps",
+    "perms.connect_myremoteapp": "my_apps",
+    "perms.view_mydatabaseapp": "my_apps",
+    "perms.connect_mydatabaseapp": "my_apps",
 }
 
 verbose_name_mapper = {
@@ -100,7 +106,9 @@ verbose_name_mapper = {
 }
 
 xpack_nodes = [
-    'xpack', 'tickets',
+    'xpack', 'tickets', 'applications.remoteapp',
+    "assets.accountbackupplan", "assets.accountbackupplanexecution",
+    "rbac.orgrole", "rbac.orgrolebinding",
 ]