Active Directory role mappings
- Última actualización2020/05/14
Active Directory role mappings
The Role Mappings feature maps Active Directory (AD) security groups to one or multiple roles in the Control Room. This allows the Enterprise Control Room to synchronize with the AD and assigns the correct roles to the users, and accessing objects such as bots, devices, folders, credentials, Credential Vault lockers).
You can add various role mappings in the Control Room: Map Active Directory roles
Based on the mapping information, user roles are assigned in multiple ways:
- User creation
- All the security groups that a user belongs to in the AD are retrieved and roles are automatically assigned to that user based on the mappings.
- User login
- Every time a user logs in, the Control Room validates the mappings, the current security group memberships, and assigned roles before confirming any required changes.
- Automated background process
- This process is initiated based on the defined time period set on the Active Directory role mappings page. It synchronizes all the mappings before synchronizing roles for every user in the Control Room based on the updated mappings: Synchronize role mappings