Hello, we have a need to create a known managed account ( this is a local account on system) for multiple systems along with password. We do not want to rotate this password and is same across these systems. (This will not be used unless break-glass scenarios and has approvals + alerting configured). I am looking for a way to automatically sync the password. I am able to create the account on newly onboarded system using managed system smart rule but can’t set the password.
For subscriber/sync accounts , I think it requires Auto Password Management enabled .
To do it via API , I think I will need to fetch the cred and send it back from an endpoint running the script. We want to avoid this and manage it within PS or the appliance.
Is there a way to trigger this via smart rules . The managed system will be created using API and account created using smart rule.
creating known managed account on multiple systems with a fixed password
Hey
You could optionally set the automatic password management to be yes with the change occurring every 999 days (every 2.5 years). The API, while is an option, could open up a hole if the security restrictions for that API account aren’t well locked down.
If it’s a break-glass account and all systems have the same password, I’m going to assume that alerting etc. is outside of PasswordSafe so compromising one system won’t compromise them all.
Thank you
Badge Earners
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.