Integrate with Active Directory (on-premises) to authenticate user access attempts and take action on risky account activity.

Active Directory (on-premises) integration requires the use of a Service Gateway, third-party integration settings, and SSO.
You cannot configure single sign-on (SSO) from multiple IAMs. Ensure that you configure the necessary permissions and SSO on the IAM you want to use for Private Access and Internet Access authentication.


  1. Prepare a VMware ESXi or Microsoft Hyper-V Service Gateway appliance that connects to your on-premises Active Directory server.
  2. Go to Zero Trust Secure AccessSecure Access ConfigurationIdentity and Access Management.
  3. Click Grant permissions next to Active Directory (on-premises).
    A new browser tab opens to the Third-Party Integration > Active Directory (on-premises) screen.
  4. Connect your Active Directory server to Trend Vision One by configuring Active Directory (on-premises) integration.
  5. Configure SSO based on the authentication protocol that your on-premises Active Directory system supports.