MS SQLServer compound accounts not working in Password Authority
search cancel

MS SQLServer compound accounts not working in Password Authority


Article ID: 131840


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) CA Privileged Access Manager (PAM)


Using the  compound account feature for a MSSQL database account, the account is verified on both servers but the actual password verified field shows “unverified”. 

The instructions to set up a compound account are to use one server as the main server, and add additional servers as compound servers. 


Password Authority


Compound account rotation does not work in Password Authority for MSSQL target accounts, when set up according to the documentation. 


There is a work around: Use a dummy server as the host and list all the real servers in the section for compound account servers. 
The dummy server does not have to exist anywhere, it is simply used as the main server for the MSSQL application. 
See the attached Word document for screenshots of the setup.

Additional Information

Note there is only one place to specify the port, on the target application page.   The default port is 1433. 
This work around assumes that each target database server is reached through the same port.
It is an enhancement request to allow different ports for different targets listed in the compound server section.


1558537219132MSSQL_compound_accounts.docx get_app