Secret Server functions explained: Remote Password Change
Delinea Secret Server
→ What is a Remote Password Change?
→Where can a Remote Password Change be applied?
→ How does it get triggered?
I will answer these questions in this short description.
On this page you can learn more about the server functions.
– written by Reto Wintsch, Secret Server Engineer
What is a Remote Password Change?
- The Remote Password Changer allows to manage passwords (so-called secrets) automatically. That is, depending on the configuration, these passwords are changed automatically on a regular basis.
- Here are a few examples:
- A password is changed automatically every 30 days
- A password is changed automatically after a check-in
- A password change is started manually by a user
- A password is changed because a user who knows this password has left the company (more on this topic in our Post User Audit)
How does a Remote Password Change get triggered?
- Remote Password Change manually:
- manually, but why?
- Password Change Pending:
- Audit Log:
- Since this password has dependencies, these were of course also adjusted at the same time.
- Why should I do this manually? I don’t have to. The system happily does it for me.
Where can a Remote Password Change be applied?
Password Changer List:
- Active Directory Account
- Active Directory LDS
- AD LDS
- Amazon IAM Console Password Privileged Account
- Amazon IAM Key
- AS/400 IBM iSystem
- Azure AD
- Blue Coat Account Custom (SSH)
- Blue Coat Enable Password Custom (SSH)
- Cisco Account Custom (SSH)
- Cisco Account Custom (Telnet)
- Cisco Enable Secret Custom (SSH)
- Cisco Enable Secret Custom (Telnet)
- Dummy PowerShell Changer
- ESX/ESXi (API)
- F5 BIG-IP Root Account (SSH)
- Generic Discovery-Only Credentials
- Generic ODBC (DataSource)
- Generic ODBC (PostgreSQL DataSource)
- Generic ODBC (SQL DataSource)
- Google IAM Service Account Key
- HP iLO Account Custom (SSH)
- IBM iSeries Mainframe
- Juniper Account Custom (SSH)
- LDAP (Active Directory)
- LDAP (DSEE)
- LDAP (OpenLDAP)
- MySQL Account
- New Cisco PW Changer
- New PW Changer
- Oracle Account
- Oracle Account (AS SYS)
- Oracle Account (DataSource)
- Oracle Account (TCPS)
- Oracle Account (Template Ver 2)
- PostgreSQL Account (x64)
- PowerShell Script **
- SAP Account **
- SonicWall NSA Web Admin Account
- SonicWall NSA Web Local User Account
- SQL Server Account
- SSH Key Rotation **
- SSH Key Rotation (No Password) **
- SSH Key Rotation Privileged Account **
- SSH Key Rotation Privileged Account (No Password) **
- Sybase Account
- Unix Account (SSH)
- Unix Account (Telnet)
- Unix Account Custom (SSH)
- Unix Account Custom (Telnet)
- Unix Account SU Takeover (SSH)
- Unix Account SUDO Takeover (SSH)
- Unix Root Account Custom (SSH)
- WatchGuard Custom (SSH)
- Web User Account (built-in support for AWS, Google, Salesforce)
- Windows Account
- z/OS Mainframe
- z/OS Mainframe (Priv Account)
* Does not require an Advanced Scripting Add-On License. Will require PowerShell installation.
** Professional Edition add-on/Platinum Edition only
Other platforms that Secret Server can change passwords on include:
- AS/400
- Linux / Mac
- Check Point
- Enterasys
- Dell DRAC
More explanations of Secret Server functions can be conveniently found at:
Fast find/Delinea
Do you have further questions about Secret Server? Contact Reto Wintsch directly.