Integrate with Active Directory/LDAP Users
Active Directory (AD)/LDAP synchronization brings agility to Privileged Access Management (PAM). Kron PAM users can be created manually, but companies usually prefer to integrate their AD/LDAP with Kron PAM. When integrated, Kron PAM synchronizes the user and user group information and keeps it updated according to the company’s AD/LDAP. Alongside the ease of bulk user and user group creation through AD/LDAP integration, managing users and authorization from one central location is a further benefit.
New employees can have their Kron PAM account as soon as they are included in the Active Directory/LDAP, and the accounts of employees who have left the company can be deleted just as quickly.
With this integration, users do not need to remember different credentials, as AD/LDAP synchronization simplifies the user’s daily routine and lowers password fatigue by allowing them to log in to all systems with only one credential.
The AD/LDAP integration mechanism is as follows:
- Netright-Tomcat connects to the AD/LDAP server.
- It searches for user groups with the search phrase.
- It imports the user groups that match the search phrase.
- It searches for users in the imported user groups with the search phrase.
- It imports the users that match the search phrase.
When you apply AD configurations, the Kron PAM Netright-Tomcat Service synchronizes the users and user groups from the AD/LDAP.
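The two-stage search described above, modelled in memory as an added example (this is not Kron PAM's code). The wildcard matching of the search phrase, the directory contents and the reconcile step are assumptions made for illustration; the point is that the group search phrase decides who ends up with a PAM account.

```python
from fnmatch import fnmatchcase

# Constructed directory snapshot (not real data): group name -> member logins.
DIRECTORY = {
    "PAM-NetworkAdmins": ["alice", "bob", "svc-backup"],
    "PAM-DBAdmins": ["carol", "alice"],
    "HR-Staff": ["dave"],
}


def matches(phrase, name):
    # Assumption: the search phrase acts as a case-insensitive wildcard.
    return fnmatchcase(name.lower(), phrase.lower())


def sync(directory, group_phrase, user_phrase):
    """Stage 1: keep groups matching group_phrase.
    Stage 2: inside those groups only, keep users matching user_phrase."""
    imported = {}
    for group, members in directory.items():
        if matches(group_phrase, group):
            imported[group] = sorted(u for u in members if matches(user_phrase, u))
    return imported


def reconcile(pam_accounts, imported):
    """Compare existing PAM accounts (hypothetical set) with the sync result.
    Accounts no longer returned by the directory become deletion candidates."""
    wanted = {user for members in imported.values() for user in members}
    return {
        "create": sorted(wanted - pam_accounts),
        "keep": sorted(wanted & pam_accounts),
        "delete": sorted(pam_accounts - wanted),
    }


if __name__ == "__main__":
    scoped = sync(DIRECTORY, "PAM-*", "*")
    print("imported groups:", sorted(scoped))
    # 'erin' has left the directory; she exists only on the PAM side.
    print("plan:", reconcile({"alice", "erin"}, scoped))
    # An over-broad group phrase pulls in groups that need no privileged access.
    print("with '*':", sorted(sync(DIRECTORY, "*", "*")))
```

Reviewing the import plan for a narrow phrase against the plan for a broad one before applying the AD configuration shows which extra groups and users a loose search phrase would bring into PAM.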