PAM: Can Super Account password be rotated?
search cancel

PAM: Can Super Account password be rotated?

book

Article ID: 235180

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Password for config and super is known to the PAM administrators and stored with them for emergency login purpose.  Is there any recommendation from Broadcom on storing the super and config passwords so that it can be retrieved during emergency situation and without being known/stored locally by administrators?

Environment

Release : PAM 

Component : All versions

Resolution

Super account password can't be rotated internally in CA PAM. The reason is that if you are able to rotate the password for the super user and if there is a situation where you not able to connect with CA PAM with any other user accounts and need to login with 'super' then the password would not be known to any person.