Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Which of the AD connector to be used for the integration?

Go to solution
manigkannan
New Contributor
New Contributor

‎08/03/2022 03:01 AM

Hi All,

We have a scenario where the AD structure has nested domain similar to  (parentdomain.myorg) and then a child domain (child.parentdomain.myorg). All the objects are created and managed within child domain. The root domain has only domain admin accounts to manage these domains.  Our intention is to import accounts and access available in the child domain in to Saviynt. 

However, the documentation https://saviynt.freshdesk.com/support/solutions/articles/43000586673-saviynt-for-microsoft-active-di... mentions that the AD Connector is to be used with Single Domain whereas ADSI connector to be used for multiple domain and/or forest. But it does not provide clarity on whether AD connector treats parent-child trusted domains as Single domain.

So, need if anyone of you had integrated using AD Connector (not ADSI) to integrate with the root or parent domain (i.e. parentdomain.myorg) to support importing user accounts/user groups from child domain (i.e. child.parentdomain.myorg) into Saviynt EIC? AD user configured on the connector will have access to child domain.

Thanks & Regards,

Mani

 

0 Kudos
2 REPLIES 2

Go to solution
sahajranajee
Saviynt Employee
Saviynt Employee

‎08/09/2022 12:40 AM

Hi @manigkannan ,

Please refer to the following documentation. This should give you more insights :
https://saviynt.freshdesk.com/support/solutions/articles/43000586673-saviynt-for-microsoft-active-di...

From the use case you listed, you can just use the AD connector and connect to the child domains and bring in the accounts and groups. There is not a need to connect to the parent domain unless there is an IGA use case for it.

 


Regards,
Sahaj Ranajee
Sr. Product Specialist

Go to solution
manigkannan
New Contributor
New Contributor

‎08/09/2022 09:27 PM

Hi Sahaj,

Thank you for the response and confirming to use AD connector to integrate with the child domain domain directly.

Regards,

Mani

0 Kudos
Copyright © 2024 Khoros, LLC