What access should be granted to the service account used by RSA Identity Governance & Lifecycle to fully support Active Directory collection and Access Fulfilment Express (AFX) fulfillment?
Originally Published: 2018-05-05
Article Number
Applies To
RSA Version/Condition: All
Issue
The RSA Identity Governance & Lifecycle Microsoft Active Directory Application Guide does not explicitly state the access which needs to be granted or delegated to the service account used by RSA Identity Governance & Lifecycle to fully support Active Directory collection and Access Fulfilment Express (AFX) fulfillment to Active Directory.
Find all of the the Collector and Connector datasheets (aka Application Guides) on RSA Link.
Resolution
"Domain Account Name Admin account name to use for the collection and provisioning activities
Login Distinguished Name Administrator login- id with write permission on required tree scope
Bind DN Distinguished Name of the user on AD permitted to search
the directory within the defined search base. E.g.
Domain\Administrator
To configure RSA Identity Governance and Lifecycle ADC to collect data from Domain2 using the Domain1 administrator: "
Hence, the account needs to be an administrator's account which by default has all privileges to fully support Active Directory collection and AFX fulfillment to Active Directory.
Related Articles
Grant a Trusted User Group Access to Agents Number of Views How to grant administrator access to a user in RSA Via Lifecycle and Governance Number of Views Does the RESTful Web Service AFX connector in RSA Identity Governance & Lifecycle support OAuth2 client_credentials grant … Number of Views MAEDC grants Entitlements to all Accounts with the same name regardless of Application in RSA Identity Governance & Lifecycle Number of Views Request forms for adding user access allow the selection of entitlements already granted indirectly in RSA Identity Govern… Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server How to troubleshoot Oracle database ORA-04030 errors in RSA Identity Governance & Lifecycle RSA Authentication Manager Upgrade Process Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 201…
Don't see what you're looking for?
