Enable domain JIT accounts

By default local admin accounts are used for login. Follow this guide if you want to use domain admin accounts for JIT computer access.

Overview

By default technicians access any customer workstation with local admin accounts. If you want to install idemeum desktop agent on domain controller and also leverage domain JIT accounts for your technicians, then you need to enable domain JIT accounts.

❗

When you want to use domain JIT accounts you need to install idemeum desktop agent on domain controller.

Enable domain JIT accounts

Navigate to your idemeum admin portal
Access Settings → Desktop agent
From the dropdown for Domain computers login mode choose the Domain setting from the dropdown

💡

If you are installing new desktop agents, the setting will be picked up right away. If you have existing agents, they will update the settings in within 6 hour window.

Quick-start guides

Desktop agent

Endpoint privilege management

JIT computer accounts

JIT Entra ID accounts

Cloud LAPS

Passwordless MFA

RFID Single Sign-On

Multi-tenant MSP portal

Cloud directory

Security

Support

Knowledgebase

Legal

Enable domain JIT accounts

Overview

Enable domain JIT accounts

On this page