Just-in-time Authentication (JIT)

Lithnet Access Manager supports granting access to computers and groups using a simple, just-in-time (JIT) access model.

Rather than administrators having permanent access to computers or groups, they can use Access Manager to grant themselves access on a temporary as-needed basis.

By reducing permanent administrators, you can rapidly increase the difficulty of a successful lateral-movement based attack in your environment.

Access Manager supports two forms of JIT:

JIT for Computers allows you to configure administrators to request just-in-time access to specific machines.
JIT for Roles allows you to define a role, based on an Active Directory group, that users are allowed to request access to on a temporary basis.

PreviousSetting up Lithnet LAPS NextSetting up JIT for computers

Last updated 1 year ago

Was this helpful?