Skip to main content

Hello! 
How do you manage your functional accounts - domain as well as local ?

Domain:

I think it will be easier to manage and enable auto-rotation at more frequent intervals. I think we have to be careful about the managed account rotation while scheduling this. Are there any other risks to availability ?

 

Local functional account:
This is tricky. e.g. for linux systems we will have a localfa added to Passwordsafe. Its initial password remains constant in passwordsafe - so that it can onboard new systems. What would happen if we enable rotation on it ? The initial password of functional account will remain same so that it can onboard other machines but on existing machines , each system will have its own password for localfa and that same password will be used to rotate its password on schedule? What are the possible risks to Availability in this case ?  Is
 

Be the first to reply!

Reply


Badge Earners

  • BCA: Password Safe
    kapadawahas earned the badge BCA: Password Safe
  • BCIE: Password Safe
    Avishka Vithanagehas earned the badge BCIE: Password Safe
  • BCIE: Password Safe
    MircoAhas earned the badge BCIE: Password Safe
  • BCA: Privileged Remote Access
    rrueschXalienthas earned the badge BCA: Privileged Remote Access
  • BCSE: Privileged Remote Access
    daphas earned the badge BCSE: Privileged Remote Access
Show all badges
Terms & ConditionsCookie settings