The SAM SDK lets you automate the management of privileged account passwords in scripts. If you do not want to modify scripts that contain hard-coded passwords, you can write an application that regularly replaces the passwords in the scripts.
For example, you have ten scripts on an endpoint that contain hard-coded passwords for the same privileged account. You do not want to modify the scripts. You can use the SAM SDK to write an application that checks out the privileged account password at a suitable downtime, updates the password in each script, and then checks in the password. Regularly changing the passwords helps increase the security of your privileged accounts.
If you create an application to perform this task, verify that CA ControlMinder Enterprise Management does not change the privileged account password on check out or check in. You can use the View Privileged Account task to verify this information.
Note: You can also use a CLI password consumer to replace hard-coded passwords in scripts. For example, use a CLI password consumer if you want to manually update a hard-coded password in a file.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|