Server Enrollment

To allow access to a server, teams must install the Okta Privileged Access server agent, and enroll the server agent into a specific project. If a team uses the default configuration, the Okta Privileged Access server agent manages user accounts and groups on the server and allows users to open SSH or RDP connections through the Okta Privileged Access client.

If a local server account enrolled in Okta Privileged Access shares the same user ID as a regular user, the server account is removed when the user disconnects from the server.

Enrollment methods

Teams can enroll servers using an enrollment token. This method requires teams to generate a token and add it to a token file that's stored on the server. See Create a server enrollment token.

Related topics

Create a server enrollment token

Verify server enrollment

Unenroll a server from Okta Privileged Access