Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Secure Active Directory queries using gMSAs instead of password-secured service accounts

BabuRajan_S
Level 3
‎16-08-22 07:06 PM
Status: New

 

Secure Active Directory queries using gMSAs instead of password-secured service accounts


Since 7.1 the only option for querying active directory domains that require authentication other than the account running BP Server is to provide the details of a service account in the Active Directory Domains configuration section in Sign-on settings


Our security policy requires that password-secured accounts have passwords that expire daily.  This is unmanageable in 7.1 as it would require us to update the stored passwords in Blue Prism immediately after the passwords have changed


Ideally, we would be able to secure the Active Directory queries with a gMSA


Also, add an option to create gMSA user.

Currently when we try to add AD user it only list/search the AD accounts, it is not searching the Managed Service account (MSA/gMSA).  -- Get-ADSServiceAccount

This will help to run the runtime as gMSA account.

37179.png

See more ideas labeled with:
3 Comments
BabuRajan_S
Level 3
‎16-08-22 07:10 PM
‎16-08-22 07:10 PM
Allows to add MSA/gMSA account as BluePrism user
0 Likes
esearleffsb
Level 2
‎08-08-24 06:32 PM
‎08-08-24 06:32 PM

This is a must have option for the Financial Industry where high security is regulated.

0 Likes
willem.d4s
Level 5
a month ago
a month ago

Yes please add use of gMSA to Blue Prism - otherwise we have to manually update passwords for service accounts on a regular basis, which then impacts productivity due to downtime.

0 Likes