Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Syncing with AD with a PAM Enabled account with Autorotate:false

jdfranco
New Contributor III
New Contributor III

Do accounts that are pam enabled on an endpoint synced with AD and have autorotate:false update the password in AD when the password is changed in CPAM?

We have a use case whereas we would like the credentials imported into CPAM from AD and the password managed through CPAM but NOT have Saviynt autorotate the password. If a user changes the password in Saviynt with Change Service Account Password function, it should update the password in AD as well.

1 REPLY 1

NageshK
Saviynt Employee
Saviynt Employee

@jdfranco Yes, when you add "rotateKey":"false" to your endpoint change password tasks will not be triggered for the accounts. However, if you trigger a change password through "reset service account password" option, a change password task will still get created. Please try this out for a single account in lower environment and confirm that the behavior is as you expected.

Thanks,

Nagesh K