Symantec Privileged Access Management

Hi All,

There are OnTap storage servers/boxes in the environment with local account on the storage boxes. Customer wants to manage the local accounts of OnTap storage boxes. Can you please confirm if the password rotation of local accounts on OnTap storage boxes can be done via CA PAM?
If yes, it would be great if you can share some content or step for reference. I will try to replicate the same configurations in customer environment to achieve the password rotation of local OnTap accounts.

Thanks,
Shashank

Hello Shashank, PAM has no built-in integration with OnTap storage devices. It has a custom connector framework that lets you build your own connectors. see https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/3-4-3/implementing/protect-privileged-account-credentials/develop-custom-connectors-for-remote-targets.html. It may be possible to use a UNIX target application with a custom script. This likely would require a Services engagement.
Original Message:
Sent: 02-22-2021 02:45 PM
From: Shashank Verma
Subject: Password rotation of local OnTap (Storage box) accounts

Hi All,

There are OnTap storage servers/boxes in the environment with local account on the storage boxes. Customer wants to manage the local accounts of OnTap storage boxes. Can you please confirm if the password rotation of local accounts on OnTap storage boxes can be done via CA PAM?
If yes, it would be great if you can share some content or step for reference. I will try to replicate the same configurations in customer environment to achieve the password rotation of local OnTap accounts.

Thanks,
Shashank

Thank you so much Ralf for the guidance, will discuss this further with stakeholders.
Original Message:
Sent: 03-02-2021 11:02 AM
From: Ralf Prigl
Subject: Password rotation of local OnTap (Storage box) accounts

Hello Shashank, PAM has no built-in integration with OnTap storage devices. It has a custom connector framework that lets you build your own connectors. see https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/3-4-3/implementing/protect-privileged-account-credentials/develop-custom-connectors-for-remote-targets.html. It may be possible to use a UNIX target application with a custom script. This likely would require a Services engagement.
Original Message:
Sent: 02-22-2021 02:45 PM
From: Shashank Verma
Subject: Password rotation of local OnTap (Storage box) accounts

Hi All,

There are OnTap storage servers/boxes in the environment with local account on the storage boxes. Customer wants to manage the local accounts of OnTap storage boxes. Can you please confirm if the password rotation of local accounts on OnTap storage boxes can be done via CA PAM?
If yes, it would be great if you can share some content or step for reference. I will try to replicate the same configurations in customer environment to achieve the password rotation of local OnTap accounts.

Thanks,
Shashank