In ~1 year, we will need to go through another Security Scan for WHD.
Putting this in now should give the SolarWinds development team a head start on getting us a solution for us, avoid a last second emergency system down request situation.
I have a support case in but it keeps getting closed because it's severity is being misunderstood.
We were told that we need to address the password reset & change interface WHD currently has to reflect the AO/Judiciary requirement's.
The requirement is that when a password is being changed the user/tech needs to enter the old password first then the new password twice. See below for an example of how they require it to act/look.
For the password reset initiated by the admin account, it should look & act the same as above but use the admin password to reset a user/tech account password with possibly an auto generated password that results in an email to the user/tech. SolarWinds developers should be able to make it how they like as long as it meets the AO's requirements.
Like our last feature request, our continued use of SolarWinds WHD will only be allowed if we comply to the AO's requirements. Our last ITSO scan was passed only because I pointed out ONE judiciary system that failed to implement their own requirement - they have since fixed that system so our next scan will not friendly.
The AO/Federal Judiciary does not have a sense of humor when it comes to court units complying to their requirements. I know it might seem like I’m demanding this, but in reality, we are begging for support.
This will become a system down situation for us if the SolarWinds development team does not Integrate this “Feature Request” for us. I put in this support Case #: 01839412 to give the SolarWinds development team plenty of time to work on a solution for us before we get sighted for the password change requirement by the AO’s security scan team in ~1 year.
Help us get this to the right developers/people so we can avoid an ...
