CyberArk Identity Trial and Common Tasks
Identity makes it very easy to map AD Security Groups to Roles to integrate SSO, Multi-Factor Authentication (MFA), and endpoint security policies. This feature allows AD data to be managed in the cloud without duplication.
Notes
Diagram
Trial account
Start with a new free trial tenant from CyberArk Identity. Navigate to
https://www.cyberark.com/try-buy/workforce-identity-trial/.
The tenant ID appears in the initial tenat URL : https://[TenantID].id.cyberark.cloud.
Identity Setup
1. Change suffix - once you changed it, your login account will need to add this suffix to login
cloudadmin -> cloudadmin@travel_ab40021
You also can change your tenant url to a different one than from your tenant id.
2. Create / update Installeruser
The InstallerUser service account is a built-in account that exists in the Identity Security Platform Shared Services (ISPSS) tenant. This account is not built-in with the Free Trial tenant. Back-end changes with the ISPSS tenant require the use of the built-in InstallerUser account.
Add the InstallerUser account to the System Administrator role.
3. Install the CyberArk Identity Connector to the domain-joined server.
Register the CyberArk Identity Connector to the Identity tenant.
Do not use admin account, just use installeruser account
Leave the Activate Idaptive pages settings as default and click Next
Check the box next to travelcom.local to give the CyberArk Identity Connector read
permissions to the deleted objects folder in Active Directory
. The configuration wizard will perform a connections test. Wait until you see 4 Successes.
Explore the CyberArk Identity Connector utility application.
Roles
View the CyberArk Identity Default roles.
Explore the relationship between roles and policies.
Create an Identity and Access Management (IAM) Admin role.
Create roles to map to an AD securitygroups.
Create an Identity Cloud Directory role for contractors.
共有 0 条评论