Multiple Service accounts for domain ressource

Products Privilege Secure Ideas
, ,
1

What is a one sentence summary of your feature request?

Enable the selection of different domain service accounts for managing user activities, allowing more granular control over permissions and aligning with the Active Directory

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

When integrating a domain with PAM, only a single domain service account can be used for managing all user objects within that domain. The ability to select different service accounts for account interactions in Active Directory would offer improved control over AD permissions and would help to reduce high privileges for service accounts.

How do you currently solve the challenges you have by not having this feature?

Currently we are only allowing the service account to manage a certain group of accounts in AD.

3 Likes
2

Good idea

there should also be an option to select the service account for auto-onboard!

Die Abbildung zeigt eine Benutzeroberfläche zur Verwaltung von Konten, einschließlich Optionen zum Synchronisieren, Onboarding und zur Verwaltung lokaler Administratoren. (Beschriftet durch KI)
Die Abbildung zeigt eine Benutzeroberfläche zur Verwaltung von Konten, einschließlich Optionen zum Synchronisieren, Onboarding und zur Verwaltung lokaler Administratoren. (Beschriftet durch KI)1342×1071 41 KB
,

3 Likes
3

Its my two favorite Dominiks :slight_smile: I like both ideas and maybe DomFr I would post this as a new idea so the PMs can respond to them easier (and others can vote for this idea as well.

4

I have some great news - we’re working on this now! Specifying a default Service Account and Platform for auto-onboarded resources will be available by March.

1 Like