Active Directory Access and GateKeeper Proximity.
You can manage your Active Directory users directly from your GateKeeper Hub account. You can change Active Directory passwords, deactivate accounts, and much more, directly from the GateKeeper Hub web interface. In order to do this, the Hub requires READ and WRITE ACCESS to Active Directory.
Case 1: On-Premise Active Directory
There are two methods by which you can connect your AD to the GateKeeper Hub.
Option #1: Direct LDAP(S) connection
Option #2: Use the AD Connector
In both cases, you will be asked to use an AD account to enable communication over LDAP. If you want to use GateKeeper Hub to manage your users in AD, make sure to connect the AD using a DOMAIN ADMIN account. This will allow you to add new users in AD, reset passwords, unlock AD accounts, etc. from the GateKeeper Hub.
You should create a new SERVICE ACCOUNT in your AD with Domain Admin permissions and use that to connect your AD to the GateKeeper Hub. Make sure that the service account password is long and complex, and that it does not expire. This ensures that the connection to AD over LDAP remains active and does not need to be recreated.
Connect to a Domain Controller.
Click Start and type
Navigate to the Organizational Unit where the GateKeeper Hub Service Account will be located.
Right-click the Organizational Unit, select New > User.
Optional: Type GateKeeper into the First Name field and Service Account into the Last Name field.
Type GateKeeperServiceAccount into the User logon name field and choose the appropriate UPN suffix. Click Next.
Configure a password based on your organization's password policy requirements, uncheck the User must change password at next logon checkbox, and check the Password never expires checkbox. Click Next. Click Finish.
Close the Active Directory Users and Computers window.
Case 2: Azure Active Directory
GateKeeper Hub can also manage your users in Azure Active Directory. In order to connect your Azure Active Directory to GateKeeper Hub, please refer to the following knowledge base article.
Once you have finished setting up Azure AD with GateKeeper Hub, a new Enterprise Application will be installed in your Azure AD.
If you want GateKeeper Hub to be able to reset your users' passwords in Azure Active Directory, you MUST provide a Password Administrator role to the GateKeeper-Hub Enterprise Application.
- Log on to you Azure AD Portal
- Navigate to Azure Active Directory
- Go to Roles and Administrators
- Search For "Password Administrator"
- Select Password Administrator from the table and click on Add Assignments
- Search for "GateKeeper-Hub" in the list and then click Add
This will add the Password Administrator role to the GateKeeper-Hub Enterprise Application, allowing you to manage users and their passwords in Azure AD through your GateKeeper Hub.
For any additional questions or concerns regarding proximity login, computer locking, credential management, or compliance, please contact GateKeeper Enterprise support using the Support Ticket form on https://gkaccess.com/support/ or email firstname.lastname@example.org.
GK application setup; gk application set up; hub manager applications; how to use AD with Gatekeeper; using AD with GateKeeper; AD for GateKeeper; Active Directory for GateKeeper; Active Directory for GateKeepers; can I use Active Directory for GateKeeper; can we use Active Directory for GateKeeper; Can GateKeeper use Active Directory?; Can GateKeeper use AD?; Can GateKeepers use Active Directory?; Can GateKeeper integrate with Active Directory?; Does GateKeeper integrate with Active Directory?; Does AD work with GateKeeper Enterprise proximity?; Does AD work on GateKeeper Enterprise auto?; Does AD work with Halberd?; using AD with GateKeeper; using Active Directory with proximity; using AD with proximity login; using Active Directory with auto-proximity login; active directory access through GateKeeper; GateKeeper active directory integration; Windows Active Directory for proximity login GateKeeper; how to enable AD for GateKeeper; enabling AD for GateKeeper; enable AD for GateKeeper proximity login; how to enable Active Directory integration for proximity log in GateKeeper;