Path for JIT domain accounts (OU)

Overview

For domain JIT computer accounts you can choose the Organization Unit (OU) container where these accounts will be created.

• The default location for each tenant is <your domain>/Users
• You can choose to create any OU or a set of nested OUs for your JIT accounts, i.e <your domain>/JIT accounts or <your domain>/JIT/MSP accounts etc. You just need to specify the path.
• If OU path does not exist, idemeum will create the corresponding OU containers.
• The nested containers under Users are NOT supported. For instance, <your domain>/Users/JIT accounts is not supported
• If you used the path 1 for your JIT accounts and they were already created, and then you change the path to path 2, next time when JIT login is performed, JIT account will be moved to the new location

Configure OU path

• Navigate to any customer tenant admin portal
• Access Settings -> PAM
• When the Domain option is chosen for login mode, you will see the additional option at the bottom to configure the OU path

• Provide the path to OU or nested OUs that you want to use and save the configuration