Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Service account reset password

RCreddy
New Contributor
New Contributor

‎03/16/2024 02:52 AM

Hello,

We have a requirement for service account where only OU=PAMprod_Service account should be able to perform the reset password for service account.

Now the current functionality is but we don't want this every user who is having admin savrole is able to perform reset password for service account.

Please let me know where can we configure this functionality

Labels:
0 Kudos
2 REPLIES 2

PremMahadikar
Regular Contributor III
Regular Contributor III

‎03/17/2024 01:09 PM

Hi @RCreddy ,

This can be handled by 'change password access query' at endpoint config.

PremMahadikar_0-1710705942767.png

Assuming you are storing 'OU=PAMprod_Service' in account details. Please try below

where u.userkey in (select ua.userkey from user_Accounts ua where ua.accountkey in (select a.accountkey from accounts a where a.name like 'OU=PAMprod_Service' and a.endpointkey=<000>))

Also sharing some links for reference:

Use cases and Implementation examples for managing passwords

- More about 'Change Password Access Query'

 

If this reply answers your question, please consider selecting Accept As Solution and hit kudos.

Best,
Prem Mahadikar
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to PremMahadikar

‎03/17/2024 05:53 PM

@PremMahadikar  Query is wrong rushikeshvartak_0-1710722444349.png

Service Account is always orphan hence joining user_Accounts in query is not correct

 

@RCreddy  Currently which account to be visible can't be restricted however how to show can be only restricted 

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC