and more in a single search tool across platforms. Read the announcement here. |
03/06/2024 07:37 AM - edited 03/06/2024 09:10 AM
we have run the bootstrap on 300+ Windows endpoints for vaulting the built-in administrator account. All accounts have been vaulted successfully and PAMENABLED, however 60+ accounts are not available in PAM request page under the respective endpoints. We have determined that all of these accounts are imported as Platform Service Accounts, and if we alter the account type to FIREFIGHTEREID, they become available for PAM requests.
Would like to know what how account types are mapped on reconciliation for any PAM platform
03/08/2024 04:21 AM
Hello @suresh_ravuri,
We are checking it internally, we will keep you posted.
Thanks
03/10/2024 09:49 PM
Hello @suresh_ravuri,
Have you enabled the below configuration during import?
"Enable_Service_Account_Management parameter to true." This could reason why these accounts are discovered as "Windows service accounts" and displayed as "Platform Service Accounts".
Hence, it is not recommended to modify the account type to "FIREFIGHTERID" or any other designation, as it could potentially disrupt Windows services, as they are being utilized as service accounts in one of the Windows services.
For Ref :- https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v24x/page/Content/E-Onboard-Target-Endpoint/Co...
Thanks.