Phone Number +1-202-802-9399 (US)

Secret Server Feature: active directory integration

Use Active Directory Integration for Controlled Authentication

Quickly roll out access to Secret Server by granting access to domain users and security groups.

What’s the challenge?

Managing groups and logins in another application adds significant overhead for administrators. Grant access to Secret Server without recreating accounts and manually managing groups.

Why it’s important

Many organizations invest heavily in Active Directory to ensure users have a single identity across the organization. Leveraging your existing Active Directory groups and logins reduces management overhead and improves adoption because it’s one less password for admins to remember.

How this feature solves it

Secret Server’s Active Directory integration enables users to sign in with their normal domain account to gain access to privileged accounts, such as their domain administrator credential. AD integration makes it easy to roll Secret Server out to an IT Department, and by assigning access based on security groups you won’t have to manually grant permissions every time a new admin needs access. Then, enforce security best practices by adding two-factor authentication to Secret Server to prevent unauthorized access.

TRY SECRET SERVER FREE FOR 30 DAYS. It’s fast to install and easy to use!
Start your free trial using the trial form.
View Secret Server’s full list of user-friendly features.

Additional Information

Active Directory integration gives administrators a simple and effective way to automatically grant and revoke access to Secret Server with tools and policies that are already in place. By granting rights based on domain security groups you can ensure that when a user changes roles in a company their rights in Secret Server can change appropriately.

Microsoft also provides additional single sign on and security options that Secret Server can leverage. With Integrated Windows Authentication or ADFS you can provide Single Sign On (SSO) to Secret Server to simplify a user’s day to day.

There may be some cases where Active Directory isn’t feasible due to separation of duties, or environments under tight control and there is no domain. In those situations, Secret Server does have its own user and group store and capabilities, and group membership changes can be delegated across teams to limit overhead.

Regardless of which user authentication methodology is right for your environment, you will be able to make use of SAML for SSO.

Try Secret Server for 30 Days

  • Free Enterprise level support
  • Choose your preferred deployment option
  • The easiest PAM Solution you’ll ever use
Choose your deployment option:
By completing this form you are opting into emails from Thycotic. You can unsubscribe at any time.

See comprehensive feature list