- Idemeum documentation
Quick-start guides
Elevated computer access
Elevated Entra ID access
LAPS
Multi-tenant MSP portal
- Overview
Desktop client
Passwordless MFA
- Overview
- Passwordless MFA for Windows
Cloud directory
Cloud RADIUS
Cloud LDAP
- Overview
RFID Single Sign-On
Single Sign-On
Security
- Overview
- Security whitepaper
Downloads
- Download idemeum software
Support
- Contact support team
- Support options
Knowledgebase
Legal
- Terms of service
- Privacy policy

Elevated computer access

Supported features

High-level overview of the features that Elevated Computer Access offers.

You can decide how you would want technicians to login into customer workstations - with shared accounts or named accounts.

Computer	Shared local account	Shared domain account	Named local account	Named domain account
Local computer	✅	-	✅	-
Domain computer	✅	✅ DC install required	✅	✅ DC install required
Entra ID computer	✅	-	✅	-

Elevated Access to Computers feature table

Feature	Description
Automatic named account creation	Idemeum will automatically create individual named accounts for your technicians to stay compliant with cyber frameworks.
Just-in-time (JIT) computer accounts	Idemeum helps ensure Zero-Standing Privilege by automtically enabling and disabling individual admin accounts only for the duration of the session.
Automatic password rotation	Idemeum will rotate admin accounts passwords after each technician login.
Login with Passwordless MFA	Technicians are not exposed to credentials and access happens with Passwordless MFA application by simply scanning a QR-code and approving login with biometrics.
Elevation with Passwordless MFA	Technicians can elevate in a remote session or while physically at the workstaion with Passwordless MFA when privileged actions needs to be carried out.
Workstation access control	Using the cloud portal you can control what technicians have access to what customer workstations.
Audit logs	Detailed audit logs are captured and maintained in the cloud (computer log in, log off, lock and offline code access).
Offline computer access	When the workstation is offline, technicians can login with one-time code that can be retrieved from the idemeum mobile application.
Cloud MSP portal	Idemeum MSP portal centralizes the control and management of multiple organizations from one dashboard.
Silent installation	Idemeum supports various installation methods, including PowerShell, Intune, SCCM, and more.
Windows local, domain-joined, Azure-joined	Idemeum supports all flavors of Windows workstations.

On this page