Advanced Enterprise Options
LastPass Enterprise provides the ability for admins to customize hundreds of settings to achieve the most secure and optimally performing solution for your organization. In the Advanced Enterprise Options of the Admin Console, admins can add and configure global domains and URLs, view a change log of Master Passwords, and much more.
Note: These features are only available to LastPass Enterprise admins.
LastPass Enterprise admins can add Global equivalent domains for their account to allow users to manage a single login for different domains that are related. Learn more.
LastPass Enterprise admins can add Global Never and Global Only URLs in the Admin Console to control when you do or do not want LastPass to prompt your users for action. Learn more.
As an admin, it's important for you to have access to a change log that allows you to view when your users last changed their Master Passwords, and take additional action if they need to be forced to log out and update it. Learn more.
You can view your SAML initialization status and start initialization as follows:
- Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
- Go to Advanced Options > Enterprise Options in the left navigation.
- Click the SAML Initialization tab.
- If SAML initialization was already started, you a confirmation message will be displayed that SAML has already been successfully initialized.
- If you have not begun SAML initialization, click Initialize SAML.
LastPass Enterprise admins can restrict the Multifactor Authentication options available for use by users within their organization. Learn more about Multifactor Authentication options.
LastPass Enterprise supports Duo Security integration, which allows admins to configure policies and authentication methods when using Duo Security. Learn how to integrate Duo Security.
All available events that take place in the LastPass Enterprise Admin Console (e.g., login activity, Master Password changes, form fill attempts, etc.) can be passed to a Splunk Cloud instance, where you can then create custom reports using that data. This allows you to use the advanced functionality of Splunk Cloud to access and report on your LastPass Enterprise activity. To take advantage of this integration, you need a running Splunk Cloud instance with a configured Data Input as HTTP Event Collector. Learn how to integrate Splunk.
LastPass supports RSA SecurID authentication via RADIUS. To set up this integration, you must set up a RADIUS client for LastPass in your RSA Authentication Manager. Learn how to integrate RSA SecurID.
LastPass Enterprise supports Symantec VIP authentication. In order to set up this integration, you must provide LastPass with a Symantec VIP certificate. Learn how to integrate Symantec VIP.
LastPass supports SecureAuth authentication. In order to set up this integration, you must provide LastPass with your SecureAuth Application ID, Application Key, and Realm. LastPass uses an outbound firewall, so your server's IP must be explicitly allowed by our Operations team. To make this request, click Contact Support at the bottom of this article, or contact your assigned sales representative. Learn how to integrate SecureAuth.