Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Password Reconciliation Feature for Targets other than WINDOWS & AD

Saathvik
All-Star
All-Star

Hi Team,

Does Password Reconciliation feature is supported for other targets like Databases? If so can someone suggest the necessary changes?

Based on this documentation: https://docs.saviyntcloud.com/bundle/CPAM-Admin-Guide-v2022x/page/Content/G-Password-Management/Pass... I can see configuration are only suggested for WINDOWS and AD but not any other targets.

So not sure if it is only supported for those targets as documentation explicitly didn't talk about supported vs not supported


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
4 REPLIES 4

Saathvik
All-Star
All-Star

Any inputs on this?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

NageshK
Saviynt Employee
Saviynt Employee

@Saathvik Password Rotation is applicable for all PAM enabled endpoints that support change password through the connector's change password json. So, yes, it is applicable for databases as well. One point to note is that if the endpoint's PAM configuration has "rotateKey" mentioned as false, change password task will not get created for accounts of such endpoints.

Thanks for the reply Nagesh, Can you suggest necessary changes required for Database connections to capture the last password change date on target? Documentation lists the changes required for AD and Windows but not other connectors.


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

NageshK
Saviynt Employee
Saviynt Employee

@Saathvik As long as the user object in the DB has that information, you should be able to add the column in the DataMapping section of the AccountsImport field and map it to the saviynt's account property "LASTPASSWORDCHANGE". For ex. the column in mysql is "password_last_changed".