Hi everyone,
Does anyone has any best practice document/link for Active Directory source to manage users, groups and service accounts?
Thanks
Kalyan
Hi @kalyannambi2010,
you can follow the the guide:
basically for AD, the best practice are:
- use TLS
- reading only the necessary OUs(if you don’t need to read the whole forest)
- reading only the necessary account/group attribute
1 Like
Hi @enistri_devo thank you for your reply and do we need to create separate AD sources for normal accounts, admin accounts and service accounts etc and how to manage all these accounts in different sources if we create? any thoughts on this?
Thanks
Kalyan
This is a you choice. You can create multiple sources or only one, both have advantages and disadvantages.
With multiple sources you can manage or search better every single type of account but you need top maintain more sources, vice versa with one source
Hi Kalyan,
Below is the link for Best Practices given by Sailpoint for Managing Service Accounts.
https://community.sailpoint.com/t5/IdentityNow-Articles/Best-Practices-Managing-Service-Accounts-in-IdentityNow/ta-p/79435
Let me know if you need any more details.
Thanks
1 Like
Hi @enistri_devo thank you for providing the details.
Thanks
Kalyan
1 Like
Hi @RAKGDS thank you for providing the details.
Thanks
Kalyan