Network Password Changing works hand-in-hand with our Secret Expiration feature. When a Secret expires, a background process in Secret
Server will automatically generate a new password - which can be customized - and set the new password on the remote account. Expiring
Secrets are automatically given new passwords. We currently support changing passwords on Windows local admin accounts (whether domain joined or not), Active Directory, Microsoft SQL Server, Unix/Linux, Sybase, ESX Server, MySQL and Oracle accounts.
In addition to the on premise network password changing, Secret Server can update web site credentials. Currently Google, Amazon, and Windows Live accounts are supported. All Remote Password Changing features such as Check Out and Heartbeat work with these accounts, so you can provide additional security as well as verify that passwords are correct.
Secret Server can also change passwords on network devices such as Cisco and many other platforms.
These three services require Enterprise Edition:
Updating Windows Scheduled Tasks and Service Accounts
Remote Password Changing (RPC) provides immediate synchronization for Scheduled Tasks, Windows Services and IIS App Pool Users. You can keep all the dependencies up to date with the appropriate account information from any RPC Secret.Examples include:
- An IIS AppPool that uses a Domain account as its identity.
- A Service Account running a Windows Service.
- A task that is scheduled to run as a particular user.
- COM+ services running as a Service Account.
- Passwords embedded in flat files and configuration files.
Check Out Secrets
The Check Out feature forces accountability on Secrets by granting exclusive access to a single user. If a Secret is configured for Check Out, a user can access it, but after checking it in Secret Server automatically forces a password change on the remote machine.
No other user can access a Secret while it is checked out unless Unlimited Administrator Mode is enabled. This guarantees that if the remote machine is accessed using the Secret, the user who had it checked out was the only one with access to those credentials at that time.
Running PowerShell Scripts on Password Change
Secret Server allows you to upload PowerShell scripts and then run them when a Service Account's password is changed. This convenient hook allows near unlimited flexibility for custom actions on password change. Send emails, interact with custom applications, update databases, communicate via web services, etc.
Next Feature: Email notifications >