Hello everyone,
We are running BeyondTrust Password Safe (On-Prem) and managing several network appliances configured as Managed Systems.
Our environment includes:
- Network appliances onboarded as Managed Systems
- Local managed accounts on each appliance
- Application Sessions configured for access to the appliances’ web interfaces
- Two managed accounts (One as Managed account for network appliance and the other for RDS credential injection) with the same username that must share and stay synchronized with a single password
Goal:
When a password is rotated or manually changed for one managed account, the password should be automatically updated on the corresponding account on the other appliance.
Questions specific to Password Safe On-Prem:
- What is the recommended approach to synchronize passwords between multiple managed accounts?
- Can this be achieved using:
- Account dependencies (primary / dependent accounts)
- Shared password objects
- Password change policies applied to multiple managed systems
- Smart rules or API-driven automation?
- Are there any best practices or known constraints when syncing local appliance accounts in an on-prem deployment?
We would appreciate any guidance or real-world examples from similar implementations.
Thank you in advance,
Max.
