LDAP users (Windows Directory, NetIQ eDirectory, or OpenLDAP) can get administration privileges on Privileged Account Manager through their LDAP group membership. To achieve this, see Section 4.1, Configuring LDAP Server Settings. Assign the permissions configured in the Framework group to the logged-in LDAP users, based on their group membership in the LDAP server.
Configure an Identity Manager Active Directory or LDAP driver with the LDAP group membership entitlements to provision the permissions for LDAP users by mapping those LDAP groups in the Privileged Account Manager framework.
For more information on mapping, refer to Step 6 in Modifying a User Group.
NOTE:This feature is not supported for Advanced Authentication users.