Help
FortiPAM
FortiPAM allows you to protect, isolate and secure privileged account credentials, manage and control privileged user access, and monitor and record privileged account activity.
kgurbuz
Staff
Staff

Created on ‎09-04-2025 12:46 AM

Article Id 409391

Technical Tip: Using LDAP user credentials via SSO for Secret Launching (One secret for multiple LDAP users)

Description

 

This article describes how to configure and launch a secret using multiple LDAP users instead of a local user, expanding the document: Example 2: Launching the secret.

 

Scope

 

FortiPAM.

 

Solution

 

  • Step 1:

Add the LDAP server and import the LDAP users to FortiPAM, refer to link below for details:

LDAP servers

 

  • Step 2:

 

Create a target-only secret, refer to the document below:

Example 2: Creating a secret using the Target Only template

 

This article will use RDP secret as an example, thus define a host IP and a domain name in the secret.

 

sso_1.jpg

 

  • Step 3:

To launch the secret, refer to the document below:

Example 2: Creating a secret using the Target Only template

 

sso_2.jpg

 

Note that LDAP users should have permission on the target; for example, if a user uses RDP, then this LDAP user should have RDP permission on the target.

 

In conclusion, multiple LDAP users who have the necessary permissions can log in to FortiPAM and launch the same secret with different LDAP credentials.

Labels:
92
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.