Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alternative Saviynt-AD Connection

GOE
Regular Contributor
Regular Contributor

‎01/12/2024 01:24 PM

Hello,

We have a customer who is removing LDAP connectivity to their AD, org-wide per the 2024 board mandate. They would ideally like to use GMSA or Kerberos to connect to AD from Saviynt. Per our checks, GMSA is not supported and not on the roadmap too (idea portal response). The vault option too cannot be used here, since LDAP will be disabled org-wide for this customer.

Considering this, what are the options available to us to connect to AD? 

Thanks

Labels:
0 Kudos
1 REPLY 1

rushikeshvartak
All-Star
All-Star

‎01/14/2024 05:33 PM

Saviynt supports various methods for connecting to Active Directory (AD) other than using Generic Managed Service Accounts (GMSA) or Kerberos. Some alternative methods include:

1. Username/Password Authentication:
- You can configure Saviynt to use traditional username/password authentication for connecting to Active Directory.

2. Certificate-Based Authentication:
- Saviynt can be configured to use certificates for authentication. This involves creating and managing X.509 certificates for secure communication.

3. OAuth Authentication:
- OAuth (Open Authorization) is another authentication method that Saviynt may support. This involves obtaining an access token for authentication.

4. LDAP Connection:
- Saviynt can also connect to Active Directory using LDAP (Lightweight Directory Access Protocol) for directory services.

5. Service Account Authentication:
- Instead of GMSA, you can use a regular service account with a username and password for authentication.

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC