Password management is a common IT support issue that creates problems for many organizations. Password management can be divided into two categories. The first category is normal user accounts, for day-to-day activities by normal users. The second category is privileged accounts, such as background applications and server administration accounts, managed only by IT administrators.
Regular user accounts usually cause a lot of routine work for the IT help desk, because users tend to forget passwords and accidentally lock their accounts, and they call support for help, which can use up a lot of time. Privileged accounts are managed by very thorough IT guys, but they can also cause a lot of worries and headaches because of their shared nature. One privileged account is usually managed by multiple admins, and each admin usually has multiple accounts, creating complex relationships to keep in mind.
Privileged accounts fall into two types: service and administrative. Privileged service accounts run services and other background applications. Privileged administrative accounts are used for managing servers. A local Administrator account is an example of a privileged server management account.
Every IT team needs many privileged passwords for managing servers and applications. It's a common situation when a group of servers is managed by several different administrators, and proper account maintenance requires close cooperation between them. Password changes may cause unexpected effects, such as account lockouts, if not properly communicated to all team members.
To address privileged password management issues, Netwrix designed a product called Privileged Account Manager. Once the product is deployed, all privileged password management takes place from a central server, accessible from a Web browser. Administrators never update passwords directly, but rather go through a management console, which ensures the proper workflow. All you have to do is specify a list of managed servers once for each account. Then, when someone from your team changes a password, the product goes through all of your servers and updates automatically discovered services. You may even remove administrative permissions from your normal accounts to prevent inadvertent changes and let Privileged Account Manager take care of your service accounts.
Note: if you are looking for password management of regular user accounts, please visit Netwrix Password Manager home page.
SC Magazine Review: Netwrix PAM provides a web-based password repository for privileged accounts... eliminating the need to use unsecure shared databases or XLS files for password sharing... This product is fairly lightweight... the installation takes just a few minutes... We did find this product to integrate well into the environment... Read more...