Map Directory Credentials to a Domain

Domain management allows you to map a default primary directory credential and an optional fallback credential as preferred binding credentials used for account resolution against domains in your environment when logging in to BeyondInsight.

If credentials are not mapped, or both mapped credentials fail, BeyondInsight attempts login following the legacy process of not using mapped credentials.

Follow these steps to add or edit primary and secondary credentials for a domain:

  1. Navigate to Configuration > Role Based Access > Domain Management.

Screenshot of page for adding or editing domain credentials.

  1. Click Create New Domain to create a new one.
  2. Provide the name of the domain or LDAP server.
  3. Select the type of platform.
  4. Select a Primary Credential from the dropdown.
  5. Select a Fallback Credential from the dropdown.
  6. Click Create Domain.
  7. To edit credentials for an existing domain, select the domain, make your edits, and then click Save Domain.

Primary and fallback credentials can include Password Safe managed accounts.

 

Screenshot showing mapped credentials being used for a domain login.

When domain management is configured for a domain and user selects the domain when logging into BeyondInsight, the specified primary and fallback credentials are used to resolve their account. The credentials used for authentication are shown in the Login Details for the specific login activity on the Configuration > General > User Audits page.