Selective JIT login

Overview

For domain-joined workstations where idemeum desktop client is installed, you can choose what account to use for technician login - domain or local. This feature is useful if you want to control on which workstations you want to expose your domain admin account.

Configuration

Navigate to your customer tenant admin dashboard
Access Settings → PAM
For Domain computers login mode choose Prompt to choose.

ℹ️

For newly installed idemeum agents the setting will be immediately applied. For existing idemeum agents it can take up to 6 hours to reflect the change.

Now when you login to workstation (scan the QR-code, send an OTP, or login with push notification) you will see a pop up that will allow you to choose the account type - local or domain.

Quick-start guides

Core features

Desktop agent

JIT Computer Access

JIT Entra ID Access

Cloud LAPS

Endpoint Privilege Management

Multi-tenant MSP portal

RFID Single Sign-On

Security

Support

Knowledgebase

Legal

Selective JIT login

Overview

Configuration

On this page