Technical Tip: Using LDAP user credentials via SSO for Secret Launching (One secret for multiple LDAP users)
Description
This article describes how to configure and launch a secret using multiple LDAP users instead of a local user. It expands on the document: Example 2: Launching the secret.
Scope
FortiPAM.
Solution
- Step 1:
Add the LDAP server and import the LDAP users to FortiPAM. Refer to the link below for details:
- Step 2:
Create a target-only secret. Refer to the document below:
Example 2: Creating a secret using the Target Only template
This article uses an RDP secret as an example, so define a host IP and a domain name in the secret.

- Step 3:
To launch the secret, refer to the document below:
Example 2: Creating a secret using the Target Only template

Note that LDAP users should have permission on the target; for example, if a user uses RDP, then this LDAP user should have RDP permission on the target.
In conclusion, multiple LDAP users who have the necessary permissions can log in to FortiPAM and launch the same secret with different LDAP credentials.
