Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Implementing AD Console Access

lionelrl
New Contributor III
New Contributor III

We are currently integrating AD with Saviynt CPAM for AD Console Access + RDP. 

Steps followed:

  1. Created AD connection , security system , endpoint
  2. Imported accounts & access
  3. Executed the bootstrap Job

Issue : We are not seeing the account in the New privilege access request page. Below is the PAM Config file used. Please let us know how to do we fix the issue.

{
"Connection": "AD",
"encryptionMechanism": "ENCRYPTED",
"CONSOLE": {
"maxCredSessionRequestTime": "36000",
"maxCredlessSessionRequestTime": "36000",
"maxIDRequestableTime": "2592000",
"shareableAccounts": {
"IDQueryCredentials": "acc.name in ('')",
"IDQueryCredentialless": "acc.name in ('NCArajal')"
},
"endpointAttributeMappings": [
{
"column": "accessquery",
"value": "where users.USERNAME is not null",
"feature": "endpointAccessQuery"
},
{
"column": "customproperty43",
"value": "PAMUserAccountAccessControl_Accounts",
"feature": "accountVisibilityControl"
}
],
"endpointPamConfig": {
"maxConcurrentSession": "50"
},
"accountVisibilityConfig": {
"accountCustomProperty": "customproperty55",
"accountMappingConfig": [
{
"accountPattern": "cpamuser*",
"mappingData": "roletest1",
"override": "false"
},
{
"accountPattern": "cpamuser1,cpamuser2",
"mappingData": "roletest2",
"override": "false"
}
]
}
}
}

2 REPLIES 2

sureverma
New Contributor
New Contributor

Hi all,

Please find below logs while launching the AD console session.

Regards,

Suresh

NageshK
Saviynt Employee
Saviynt Employee

@lionelrl As discussed in SME call, please request for Remote App setup. Once the setup is available, you will receive the details to populate in Global Config -> PAM. Then you should be able to launch AD Console sessions. 

Thanks

Nagesh K