
I have 300 Linux servers and need to onboard them as managed systems. What would be the best practice in terms of Functional Accounts? ONE FA for all Linux servers or one FA for each Linux server? They are all local accounts.

To manage the Linux machines' local accounts, you will need to create an FA for each individual Linux machine and assign the required elevated permission. If you want to use a single FA account within Password Safe for all 300 Linux machines, you will have to create the FA on every individual Linux machine and set the same password for all.

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0016828

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017405


Thanks.


Just to clarify this as well: in this setup, can the Linux functional account also be auto-managed so that the credential would rotate on all associated managed systems periodically?

If so, how would this work when new Linux systems come online, in terms of the FA password? It would be unknown at that point, so the onboarding would fail?

