Preventing an Administrator from changing another user's password in a PAM SC/PIM Windows endpoint
search cancel

Preventing an Administrator from changing another user's password in a PAM SC/PIM Windows endpoint

book

Article ID: 265336

calendar_today

Updated On:

Products

CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

Assuming one wants to prevent a user with Administrator rights in a Windows PAM SC/PIM Endpoint from changing the password of other Windows users, the question arises if this is possible by using PAM SC/PIM classes and selang commands

Environment

PAM SC and PIM, all releases

Resolution

In a Windows PAM SC/PIM endpoint there is no way to prevent from PAM SC/PIM a user from changing the password of another if he is an administrator and it has the right to do so as PAM SC/PIM do not have the capability to limit access to the SAM database in Windows

Powered by Wolken Software