User Accounts
To manage users on the Delinea Platform, begin by clicking Access from the left navigation menu, then selecting Users. The Users page displays all users on the platform, including Active Directory, Federated, and Delinea Directory (local) users.
Click a USERNAME to go to that specific user's page, where you can view and edit settings for the user account, including the user's group memberships, roles, policies, activities, and attributes.
For detailed instructions on managing platform users, see Managing Users.
External User Accounts vs. Local User Accounts
Virtually every user account on the platform should be an external user account, meaning either an Active Directory account or a federated account.
A local user account is added directly to the platform by an administrator.
An external user account isn't added directly to the platform, but becomes accessible on the platform when the associated Active Directory or federation is connected to the platform.
The administrator must still provide permissions to the user to access platform features.
A local user must satisfy local authentication requirements to log in to the platform.
An external user must only satisfy the authentication requirements through the external source (AD or federation IdP).
A local user account appears on the Users page (Access > Users) when an administrator adds the account to the platform.
An external user account appears on the Users page only after the user logs in to the platform for the first time.
Avoid Adding Local User Accounts
Adding local user accounts to the platform is not considered a best practice for privileged access management. Local user accounts should be added only rarely, and for very specific purposes. For example, you might need to add a local user account for someone who needs to try out platform functionality for a very limited time. Vendors are also added as local accounts. For details, see Adding Local User Accounts.
Managing Third-Party Contractors and Vendors
Managing Third-Party Vendor Entitlements When Using AD
