Session User (LDAP/AD User) Connection

if both the target systems and kron pam are integrated with ldap/ad, users can log in to target systems with their ldap/ad credentials this feature can also be used when the username and password of a kron pam user is configured as an account with the same username and password in the target system this user is called a session user if there are no credentials configured for the device group (such as manual login , direct credential username/password , vault , or assigned credentials ), kron pam logs into the target device as an ldap user if any of the credential methods mentioned above are configured, kron pam will establish the connection with the configured method kron pam allows the selection of the authenticated user that will be able to connect to the target devices this is explained in the following section even if any of the methods mentioned above is configured for the connection, a session user can be added as a choice please refer to section the docid\ pr1xzwcuhadodd 9w6vp or configuration details some remote devices require fqdn addresses, in addition to a username in this case, the useemailasusername property key should be set as true in the device group properties, to use both properties to log in to target devices if the target device requires fqdn addresses, the following configuration is required, in addition to the session user property navigate to devices > device groups click the device group and select the properties option click the edit and next buttons select the custom properties create the useemailasusername property value as true save