
Hello Everyone, 

I can understand the logic behind the automatic password rotation of the local functional account, even if we have a new server onboarded using the same first functional account credentials, but it is untested. I am trying to test it and will update once done.

 

Regarding the local scan account, I actually do not have any idea how we can manage it. (Using "enable scanner" on the managed account I know, but what if we have onboarded 100 servers and now we need to scan 100 more, and the scan account is using old credentials on the remaining 100 servers? Also, what if I need to perform the scanning on old scanned assets?)

There are lots of questions in my mind regarding the management of local scan accounts.

Everyone, please feel free to share your recommendations.

When using a local functional account, every host then gets a unique password. In Password Safe, the functional account configuration is where the first password gets set. After the system is onboarded, that individual managed system has a unique functional account password. From there on, you must go to the managed system to update that specific functional account password, should you ever need to.

For the local scan account, I’ve found the best way is to pick a server and a scan account name. That account name must be the same on all the other hosts. Once the “master” host has the account onboarded, enable that account for scanning. When you onboard every other server, sync the password of the scan account to the “master” host. This way, you can have one credential for scanning all the assets with only one scan job. If you don’t sync the passwords, then there is a unique scan account for each host, requiring a unique scan job for every host.

