Recent Updates to Okta Privileged Access – Oct 25

A number of features have been released for Okta Privileged Access over recent months, some major and some minor, but they may have been lost in the excitement of Oktane 25. This article provides a summary of all the changes released. Introduction; Active Directory Integration Changes; RDP Support (aka Click-to-Connect); AD rotate password configuration; AD Accounts as Okta …

Using Risk in Okta to Manage Privileged Access in OPA

Identity Threat Protection with Okta AI will continuously assess user context and automatically respond to identity threats across your ecosystem. This includes managing entity (user) risk levels. Okta Privileged Access does not explicitly have user risk built in, but user risk can be applied to control how users access privileged resources. This article looks at …

RDP’ing with Microsoft Active Directory Accounts in OPA

Okta is extending its Okta Privileged Access capabilities with Microsoft Active Directory accounts by adding the ability to leverage them in direct RDP connections. This means it now supports two use cases with AD accounts: a reveal function where those credentials can be used (via copy'n'paste) with any AD-authenticated service, and the new direct …

A Set of Utilities for Secrets Management in OPA

In a recent engagement a customer raised issues around management of secrets and folders, and associated policies and users, in their Okta Privileged Access (OPA) deployment. In the spirit of the mantra of Mr Bigweld in Robots, "see a need, fill a need", I set about writing some utilities to help manage larger, more-complex Secrets …

New Secrets Search Function in Okta Privileged Access

Okta has introduced a new search function for Secrets in Okta Privileged Access (OPA). When an OPA user goes to the Secrets menu item, they will see a new search option. Typing in a search argument will show matching secrets with the secret name, Folder hierarchy (clickable breadcrumb), Resource Group / Project and Description. You …

Privileged Access Management for Microsoft Active Directory with Okta

Microsoft Active Directory is pervasive across industry, and thus a common target for hackers, particularly with the abundance of privileged accounts. In this article we look at how the Okta Workforce platform can use different approaches to managing privileged access and reducing the risk of that access. It includes just-in-time provisioning of access and dynamic …

Okta Privileged Access – Example Mechanisms to Export/View Session Recordings

This article provides some example mechanisms that could be used to export and view the session recording files produced by Okta Privileged Access. There are two examples shown: a simple series of scripts that show the flow and commands to export and view logs, and an overview of a mechanism built by a former Okta …

Integrating Active Directory with Okta Privileged Access

Okta has recently released their Microsoft Active Directory (AD) integration with Okta Privileged Access. This allows AD admin accounts to be stored in the vault and exposed via policy for use when accessing AD-authenticated services. This article provides a brief overview of the new feature. What Is It?; How Does it Work?; What Does it Look Like?; Conclusion …

Privileged Access Management for Federated Users

This document describes the approach and mechanism to authorize users to access Okta Privileged Access (OPA) and protected resources. Introduction; Objective; Key Features; Use Case; Overview; The Aim of the Solution; How the Solution is Built; SSO: Setup Trust between IDP and SP; Add Org2Org Application on IDP tenant; Setup configuration on Service Provider Tenant; Create Identity Provider Rule; Update Org2Org Application on IDP tenant; Assign Okta …

Implementing an Offline Password Vault with Okta Privileged Access and KeePassXC

Okta Privileged Access is a SaaS offering. Currently it does not have an offline mode for local storage of break-glass credentials. But you can extend it to do so, and that's the subject of this article. We look at a simple mechanism to export secrets from a folder and push them into a local …