What access should be granted to the service account used by RSA Identity Governance & Lifecycle to fully support Active Directory collection and Access Fulfilment Express (AFX) fulfillment?
Originally Published: 2018-05-05
Article Number
Applies To
RSA Version/Condition: All
Issue
Find all of the the Collector and Connector datasheets (aka Application Guides) on RSA Link.
Resolution
"Domain Account Name Admin account name to use for the collection and provisioning activities
Login Distinguished Name Administrator login- id with write permission on required tree scope
Bind DN Distinguished Name of the user on AD permitted to search
the directory within the defined search base. E.g.
Domain\Administrator
To configure RSA Identity Governance and Lifecycle ADC to collect data from Domain2 using the Domain1 administrator: "
Hence, the account needs to be an administrator's account which by default has all privileges to fully support Active Directory collection and AFX fulfillment to Active Directory.
Related Articles
Active Directory AFX 'Disable/Enable an Account' connector capabilities do not update added parameters in RSA Identity Gov… Number of Views Request a Cloud Access Service Account Number of Views Unclear Error Message Possible for Application Protected by Fingerprint Only Number of Views How to add users, contacts, colleagues to RSA Community Account to access knowledge articles and certain software downloads Number of Views Sub-groups resolution is rejected and Member Type is set to "Account" instead of "Group" for Account Collectors in RSA Ide… Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Governance & Lifecycle 8.0.0 Administrators Guide RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
