Idea Details

Secure Active Directory queries using gMSAs instead of password-secured service accounts

Last activity 9 days ago
Babu Rajan S's profile image
By: Babu Rajan S
08-16-2022 19:06


Secure Active Directory queries using gMSAs instead of password-secured service accounts


Since 7.1 the only option for querying active directory domains that require authentication other than the account running BP Server is to provide the details of a service account in the Active Directory Domains configuration section in Sign-on settings


Our security policy requires that password-secured accounts have passwords that expire daily.  This is unmanageable in 7.1 as it would require us to update the stored passwords in Blue Prism immediately after the passwords have changed


Ideally, we would be able to secure the Active Directory queries with a gMSA


Also, add an option to create gMSA user.

Currently when we try to add AD user it only list/search the AD accounts, it is not searching the Managed Service account (MSA/gMSA).  -- Get-ADSServiceAccount

This will help to run the runtime as gMSA account.


Comments

08-16-2022 19:10

Allows to add MSA/gMSA account as BluePrism user

Ideas Portal

• Like this idea? Tap the up arrow!  Ideas with over 15 votes will be discussed with our product teams in our idea review meeting.
• Discussion is healthy! If you have a question or comment, don’t be afraid to jump in and start a discussion in the comments section below.
• Collaboration is the key to making magic happen!
New
This idea is new to the community and hasn’t been reviewed yet. While in the New stage, it is particularly important to vote and comment to further the discussion around this idea.
Duplicate
This idea already exists! A change to the Duplicate status will include a comment linking to the existing idea, so all voting and feedback can be collected in one place.
Need More Info
We’ve reviewed this idea, and determined we need a bit more info before deciding on how to move forward. An update to the Need More Info status will be accompanied by a comment explaining which additional details are needed. Ideas are still open for voting and comments while in the Need More Info stage.
Reviewed
We have all the info we need and are planning to review the idea for implementation feasibility and value added to the product. Ideas with this status are still open to community voting and discussion.
Under Consideration
We have all the info we need and are currently considering the feasibility of implementing this idea. Ideas in the Under Consideration status are still open to community voting and discussion.
Not Planned
We’ve reviewed this idea, and determined that it’s not feasible to implement right now. Ideas in the Not Planned status are no longer open for voting.
Planned
We’ve reviewed this idea and have determined that it will be delivered in the near future. Ideas in the Planned status are not attached to a binding timeline, but there is a concrete plan to implement this idea.
Planned-Now
We’ve reviewed this idea and confirmed that this is planned for delivery in the next 6 months.
Delivered
Congrats! Your idea has been accepted by the team and is now delivered! Give yourself a pat on the back – you contributed to the improvement of one of Blue Prism’s products or services!