Buckit Posted April 17, 2018 Share Posted April 17, 2018 Hi guys, I've searched through the manuals but couldn't find anything that covers my question. Funnily enough I do know that there's a report that checks whether what I want to do is happening. Question: I know it's not a good idea and I know it's against good practices, but: is there a way to link or sync individual accounts across multiple hosts, so they share the exact same password? Use case: Let's say I have Nx100 amount of IoT devices that have both a root account and a remote access account (let's call it "remote"). These boxen cannot hook up to a centralized accountsdatabase, like LDAP or AD, but we do want to manage both the passwords of root and of remote. Currently we are stuck following this process: Make a host object for the device (X). Define the remote user and password for host X in PState. Define a privileged user linked to the remote user for host X. Define the root user for host X and set its management through the privileged user for host X. Repeat ad nauseam, for Nx100 systems. *shudder* Things would be a bit easier if we could make one (1) privileged user which is linked to one of the remote user accounts, with the huge amount of remote user accounts linked in such a way that all of them share the same password. Or perhaps: Now perhaps I'm thinking about this the entire wrong way. Is it possible to make one user record that applies to N amount of hosts? Any tips would be useful! Link to comment Share on other sites More sharing options...
support Posted April 17, 2018 Share Posted April 17, 2018 Hi Buckit, Sorry, we do not have an easy method to achieve what you're wanting here. The only thing we can think of is to use our API to reset multiple accounts at once, using the same password. But like you mentioned, it's not generally recommended. Regards Click Studios Link to comment Share on other sites More sharing options...
Buckit Posted April 17, 2018 Author Share Posted April 17, 2018 Dang, was afraid of that.I also gave it a quick try to kludge this together as a dependency, but unfortunately that doesn't work Now, what I've seen in the past, working with CyberArk, is the possibility of defining one password+account object which references multiple hosts. I reckon that would be the most elegant solution. This would be a very useful feature to have, especially with IoT devices like the ones I'm working with. #FeatureRequest Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.