Active Directory Synchronization

Hello,

Thank you for contacting us on that matter.

The only documentation we have so far is about creating CyberArk PSM connections using a template from an AD Synchronizer.

You can use any kind of session templates to create your entries from an AD Synchronizer.

Let us know if you have further questions about this.

Best regards,

Ok, Thanks for the information. Though I believe it is a bit out of date as of now because when I use it, I also get back the description field that's filled out in AD. And as it's noted in the link you provided:

From Active Directory Synchronizer
This approach will create entries from an LDAP request on a domain controller.
One downside of this setup is that only the Host field will be filled from the synchronizer, the Privileged Account and the component have to either remain empty, or all using the same setting (coming from the template).

Are there plans on updating the documentation to provide the values that are returned and the variables they are mapped to in the future?

Thanks so much!

Glen Collins

Hello Glen,

Thank you for your feedback.

That's right, the template will fill the same information for all entries except if you use variables. If the Privileged Account names can be built in the Template using variables, then you should be able to set it properly.

Another method if each Privileged Account is used by only user, then you can set the Template's Credential parameter set to My privileged account.

About the documentation, I have asked our technical writers to create a knowledge base article for different possible scenario with the AD Synchronizer. Once it will be available, I will post the link here.

Best regards,