Symantec Privileged Access Management

Expand all | Collapse all

Service Account For AD Authentication

  • 1.  Service Account For AD Authentication

    Posted 04-09-2019 12:35 PM

    Can CA PAM use a service account to authenticate to an Active directory? 



  • 2.  Re: Service Account For AD Authentication

    Posted 04-10-2019 08:16 AM

    yes, any account with atleast Read-Only privilege, to scan the directory.



  • 3.  Re: Service Account For AD Authentication

    Posted 04-10-2019 09:10 AM

    If that's the case, when i am adding the target account the Account Name should be the service account name and the Password would be the password of the service account right? For the Distinguished Name, can you give an example using a service account? 



  • 4.  Re: Service Account For AD Authentication

    Posted 04-10-2019 09:16 AM

    yes, the Account name should be the Service Account name and the Distinguished Name will be 1 of 2 options:

    1) <serviceAcct>@domain.com

    2) CN=<serviceAcct>,O=Domain,OU=com,...

     

    try the first one, it usually works