PAM: Can Super Account password be rotated?
search cancel

PAM: Can Super Account password be rotated?


Article ID: 235180


Updated On:


CA Privileged Access Manager (PAM)


Password for config and super is known to the PAM administrators and stored with them for emergency login purpose.  Is there any recommendation from Broadcom on storing the super and config passwords so that it can be retrieved during emergency situation and without being known/stored locally by administrators?


Release : 3.4

Component :


Super account password can't be rotated internally in CA PAM. The reason is that if you are able to rotate the password for the super user and if there is a situation where you not able to connect with CA PAM with any other user accounts and need to login with 'super' then the password would not be known to any person.