Allow non administrative users to import accounts from provider scan
Allow non administrative users to import accounts from provider scan
0 vote
Hello,
Is there a way for non administrative users to import acounds discovered during a provider scan? This would at least be useful for Windows Local accounts from an AnyIdentity provider that are discovered auotmatically.
Since a non administrative user is able to manually add an account into a PAM vault, is there any reason why they shouldnt be able to just import a discovered account instead, as that would be easier, and accomodates importing additional attributes such as SID etc which maybe difficult to retrieve/enter manually.
Please let me know if you would like any additional info.
Thanks
Joe
All Comments (1)
Hello Joe,
Thank you for your request. Unfortunately, we don't have a way to do that today, but I agree that it would be useful. As you mentioned, if you can add it manually, it would make sense to be able to import it directly from the vault, it would certainly be easier. I'm taking note of your request.
However, we are looking to move our provider definitions to an entry in the tree where you could manage permissions on it. If we go there, it could probably be possible to access the scan result from the provider and import them. So, any user with permission on the provider could import accounts easily.
That being said, I agree, your request makes sense, but I'm not sure exactly of the solution today since our architecture is evolving. We will discuss that internally and see what could be done to improve the task of creating/importing accounts.
Don't hesitate if you have questions or other great requests.
Best regards,
François Dubois