Click HERE to see how Saviynt Intelligence is transforming the industry. |
07/22/2024 10:55 AM - edited 07/23/2024 09:07 AM
Team,
We want to confirm if Saviynt CPAM supports the AzureAD domain accounts for PAM use cases like credential check out , launch RDP sessions, credential-less session to domain etc. similarly like regular AD?
Because when we went through the documentation of Azure it only talks about workloads but not domain. so wanted to confirm if AzureAD supports all use cases that are support by regular AD and can we follow the same documentation of Onboarding AD ?
07/23/2024 04:43 AM
Hello @Saathvik ,
We are looking into it.
For ref: Solved: CPAM setup with Azure - Saviynt Forums - 31416
Thanks.
07/23/2024 05:54 AM
@sudeshjaiswal : Thanks for referring to post but looks like it is talking about Azure workload not particularly about AzureAD. So that post looks like not helpful in this case. Please let us know what you find on the use case we mentioned
Thanks in Advance!
07/23/2024 10:48 AM
@Saathvik As of 24.7, onboarding Azure AD for PAM is a manual process (ref post : saviynt-cpam-azure-instance). So, it cannot be onboarded like the regular AD.
For the question on whether we can launch rdp sessions to domain joined windows machines : I have not seen this use case come up so far. It has to be evaluated to see if the reusing the AD remote app configuration to Azure AD would help.
Are your windows servers joined to a domain being managed in Azure AD?
Thanks
Nagesh K
07/30/2024 01:03 PM
@NageshK : Thanks for the response. I went through the post and had a question on point #4 where you mentioned that don't add correlation rule instead asking us to manually correlate? Is there any issue if we use correlation rule?
Also regarding windows server joined to AzureAD domain I will get back to you. As of now I don't have concrete information on this, I was just checking if all the use cases of regular AD are supported by AzureAD or not.