Opal + Active Directory
‍
Opal +Â Active Directory Use cases
Protect against breaches with least privilege
- Grant just-in-time access to ADÂ Groups that are auto-expiring and fully audited using Slack
- Ensure that privileged roles have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more
Accelerate employee access on paved roads
- Enable resource owners with the most context to approve access requests and provision access automatically via Slack
- Accelerate employee onboarding by enabling managers to request on behalf of their reports or enabling self-service discovery of resource bundles
- Automate on-call access by provisioning and deprovisioning access via on-call schedules
Simplify compliance without manual overhead
- Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
- Review access of employees who have recently transferred roles or departments
‍

Opal + Active Directory Integration Overview
Opal natively integrates with Active Directory and inherits its structure and membership. This allows users to invite members to Opal easily and grant granular permissions based on existing groups, using your identity provider as the source of truth. With Opal, it's possible to grant role-based access to relevant tools while leveraging a request workflow to grant privileged access.
Active Directory Integration Setup
You can set up the Active Directory integration in minutes:
- Select Active Directory from the Application catalog
- Create an Opal group
- Fill in details about your Active Directory server