PARTNERS - Please join us for our upcoming webinar:
Leveraging Intelligent Recommendations for Operational Transformation.
AMS Partners click HERE | EMEA/APJ Partners click HERE

Implementing AD Console Access

lionelrl
New Contributor III
New Contributor III

We are currently integrating AD with Saviynt CPAM for AD Console Access + RDP. 

Steps followed:

  1. Created AD connection , security system , endpoint
  2. Imported accounts & access
  3. Executed the bootstrap Job

Issue : We are not seeing the account in the New privilege access request page. Below is the PAM Config file used. Please let us know how to do we fix the issue.

{
"Connection": "AD",
"encryptionMechanism": "ENCRYPTED",
"CONSOLE": {
"maxCredSessionRequestTime": "36000",
"maxCredlessSessionRequestTime": "36000",
"maxIDRequestableTime": "2592000",
"shareableAccounts": {
"IDQueryCredentials": "acc.name in ('')",
"IDQueryCredentialless": "acc.name in ('NCArajal')"
},
"endpointAttributeMappings": [
{
"column": "accessquery",
"value": "where users.USERNAME is not null",
"feature": "endpointAccessQuery"
},
{
"column": "customproperty43",
"value": "PAMUserAccountAccessControl_Accounts",
"feature": "accountVisibilityControl"
}
],
"endpointPamConfig": {
"maxConcurrentSession": "50"
},
"accountVisibilityConfig": {
"accountCustomProperty": "customproperty55",
"accountMappingConfig": [
{
"accountPattern": "cpamuser*",
"mappingData": "roletest1",
"override": "false"
},
{
"accountPattern": "cpamuser1,cpamuser2",
"mappingData": "roletest2",
"override": "false"
}
]
}
}
}

2 REPLIES 2

sureverma
New Contributor
New Contributor

Hi all,

Please find below logs while launching the AD console session.

Regards,

Suresh

NageshK
Saviynt Employee
Saviynt Employee

@lionelrl As discussed in SME call, please request for Remote App setup. Once the setup is available, you will receive the details to populate in Global Config -> PAM. Then you should be able to launch AD Console sessions. 

Thanks

Nagesh K