Hello Mike, PAM would not be concerned with creation of the accounts on the windows servers, that would be an activity outside of PAM. Assuming the accounts exist on the windows servers, you can configure devices, target applications and target accounts for those Windows accounts in PAM. In this case accounts of type
Windows Remote likely would be best. You can do this interactively using the PAM UI, or use Rest API calls, or use the remote CLI, see the subjects under documentation section
Programming. I assume you create these accounts with a common password to start with. To then manage the passwords with PAM and keep them the same for all the accounts, you would configure a target group that contains these accounts, and then configure a periodic scheduled job to update the password, choosing to use the same password for all accounts. Is that what you are looking for?
Original Message:
Sent: Nov 30, 2022 01:49 PM
From: Mike Luio
Subject: Create one user over workgroup servers
Hello,
I have over 50 out of domain windows servers (workgroup). And i want to create one account with one password to be created for all servers, and the purpose is for Vulnerability Assessment, how i can achieve that? Is there a way with API or script to do so with CAPAM?
Thanks 😊