Domains | PRA On-prem
What are domains in Vault?
In Vault, domains represent the logical grouping of systems based on common attributes, such as network or organizational structure. Domains help organize and manage the access to accounts and resources within Vault.
How are domains useful in Vault?
Domains enable Vault administrators to organize endpoints and accounts more efficiently, making it easier to manage access and apply policies. By grouping systems into domains, administrators can streamline access controls and ensure that appropriate policies are enforced across related systems and accounts.
How do I access the Domains page?
- Use a Chromium-based browser to sign in to your Privileged Remote Access URL.
 This URL is provided in the BeyondTrust welcome email and includes your site URL followed by /login.
- From the left menu, click Vault.
 The Accounts page opens and displays by default.
- At the top of the page, click Domains.
 The Domains page displays.
Domains
Add domain
Click Add to manually add a new domain to the Domains list.
Domain name
View the name of the domain.
Jumpoint
View the Jumpoint used to discover accounts and endpoints on the domain.
Management account
View the management account associated with the Jumpoint and domain.
Discover
Click Discover to initiate the Jumpoint to scan and discover endpoints and accounts on the domain.
Edit
Click Edit to modify domain information.
Delete
Click Delete to delete this domain from the Domains list.
Add or edit domain
DNS name
Enter the DNS Name of the domain.
Jumpoint
Choose an existing Jumpoint located in the environment where you wish to discover accounts.
Management account
Select the management account needed to initiate a discovery job for this domain. Choose to use a new account, which requires a Username, Password, and Password Confirmation. Or choose to use an existing account discovered from a previous job or added manually in the Accounts section.
Scheduled domain discovery
Enable and configure domain discovery to run on a set schedule.
Enable scheduled discovery
Check the box to enable the Discovery Schedule options.
Discovery schedule
Select the days of the week and the time for the discovery job to run.
Discovery scope
Select the objects you wish Vault to discover:
- Domain Accounts
- Endpoints
- Local Accounts
- Services
You can enter a Search Path, or leave it blank to search all OUs and containers. You can also use an LDAP Query to narrow the scope of user accounts and endpoints searched.
Updated 2 months ago
