Prerequisites

Before you start configuring IWA with Privileged Access Service, make sure you have done the following:

  • Relevant browsers are configured for IWA. See How to Configure Browsers for Silent Authentication.

  • Specify an external corporate IP range using Admin Portal. See How to Set Corporate IP Ranges. Corporate IP range for IWA is for the external network only.

  • Your company has at least 1 Delinea connector with web server enabled and that connector must be joined to Active Directory in the forest to which users are authenticating. See Enabling IWA Service on the Connector.

  • Decide if you want to use the Delinea tenant CA (recommended because the CA automatically installs to the Delinea connector and minimizes configurationsteps during roll-out), third-party CA (such as Symantec, GoDaddy, and so forth), or your internal CA.