After you add account information to Zero Trust Privileged Access Service, other users with the appropriate global- or domain-specific permission can log on to domain computers using the account without knowing the password for the account.
When you select an account stored in Privileged Access Service to log on to a domain computer, Privileged Access Service open a remote desktop connection on the target computer.
To log on using saved domain account information:
- In the Admin Portal > Resources page, select the Domains tab.
- Select a domain to display the domain details.
- Click Accounts.
- Select the appropriate domain account to display the Actions menu.
- Select Login or Request Login.
If you have the Login permission and the stored credentials are valid, clicking Login starts a new interactive secure shell or remote desktop session on the target resource. Within the secure shell or remote desktop session, most operations—such as cut and paste or resizing of windows—work as you would expect them to. For more information about working in the remote session, see Deleting a domain.
If you don’t have the Login permission and click Request Login, your request is sent to a designated user or to the members of a designated role for approval. If your request is approved, you have limited period of time to start a new interactive secure shell or remote desktop session on the target resource. For more information about the “request and approval” work flow, see Managing access requests.