LDAP/AD User Connections

If both the target systems and Kron PAM are integrated with LDAP/AD, users can log in to the target systems with their LDAP credentials. This feature can also be used in case a Kron PAM user’s username and password are configured as an account with the same username and password in the target system. This user is called a Session User.

Please check the How-To Integrate Active Directory/LDAP documentation for AD/LDAP integration. If there are no credentials configured for the device group, such as Global User, SAPM, and Assigned Credentials, Kron PAM logs in to the target device with the LDAP user. If any of the session credential methods mentioned above are configured, Kron PAM will establish the connection with the configured method.

It is possible to choose the account to be used to connect to the target system. This is explained further in the following section. Even if there are other methods configured for the connection, the Session User can be added as a choice to connect to the target system. Please refer to the following Multiple User Selection in the RDP Proxy section for the necessary configurations.