Linking Credentials to Domains
After you vault a credential for a domain, you can link the credential to all computers in the domain. Once a computer credential is linked to a domain, users can request access to any computer in the domain. If access is granted, users can perform any tasks on the computers granted by the credentials. All access to computers occurs through RDP or SSH sessions via EmpowerID's Privileged Session Manager.
When a request for a computer credential is approved, users check out the credentials to initiate RDP or SSH sessions. Once their tasks on the computer are complete, they check in the credentials to end their sessions.
When the Default Access Duration in Minutes setting on the credential's linked policy is reached in a session, EmpowerID automatically checks in the credentials and terminates the session. For more time, the user must request another session.
- In the Navigation Sidebar of the EmpowerID Web interface, expand Resources and click Computers.
From the Computer find page, click the All Computer Credentials tab and search for the computer credential you want to link to a domain.
To link the credential to all computers in a managed domain, set the Credential Type to Domain Admin or Domain User.
- Click the Display Name link.
- This directs you to the View One page for the credential. View One pages allow you to view information about a resource in EmpowerID and manage it as needed.
From the View One page, expand the Domain or Directory accordion and in the grid, click the Add Domain button.
The Domain or Directory accordion only appears for Domain Admin or Domain User credential types.
- In the dialog that appears, type the name of the managed domain in the Account Store field and then click the tile for the domain to select it.
- Click Save to save your selection and close the dialog.