RDP Single Sign-On by Assigning Kron PAM Credential to Target System Account

In some cases, there are no Active Directory credentials in the target systems. Also, not all users use the same credentials. There is more than one privileged user account in the target system, and different user groups use different privileged accounts to log in to the target system. 

In the example below, the company policy is that

 User A logs in to the target system as Account X, and User B logs in to the target system as Account Y

. This configuration is made in Kron PAM as 

Users, User Groups, Devices, Device Groups, and Device Realms need to be configured properly. Admins also give users the right to see the permitted device list.

The Assigned Credentials parameter is configured in Kron PAM.

The session between the user and Kron PAM is established.

The user chooses the desired system from the 

Kron PAM checks the assigned credential parameters and connects the user with the proper account.

The session between Kron PAM and the target system is established.

By establishing the user session and the monitored session, a back-to-back session is established between the user and the target system.

Learn how to achieve single sign-on for RDP by assigning Kron PAM credentials to target system accounts. This document provides step-by-step instructions for configuring assigned credentials in Kron PAM, setting up role-based management, establishing user

Opening Remote Desktop App on the Windows Jump Server

Configure Assigned Credential Feature

Configure Password Management on Web-Based Applications

Kron PAM How-to Guides

KronPAM - How-To Guides

SIEM and Syslog Integration

Integrate with Active Directory/LDAP Users

Integrate with ITSM

Integrate with Jenkins