Ability to change credentials when applying script

We would like to limit our NCM Process account to only be able to run the bare minimum commands needed to function via TACACS.

However we still want the ability to script changes through NCM and would prefer the ability for users to manually enter their network admin credentials before executing the script. This would provide more security and make it easier to identify who made the changes.

Find more posts tagged with

credntials

script managment

ncm

credential_template

privileges

Status: None

Comments

rschroeder

I like your idea, but I also offer the thought that your NCM service account's activities are easily tracked back to the user who caused them. Solarwinds logs who issued the original commands, and it takes only one step to reveal who ran the Job or scripts that caused a change actuated through the NCM service account.

Still, if Solarwinds could FORCE your request to be applied, so that the NCM service account was never used, and so that the original creator of the scripted changes was revealed, it would eliminate that one step.

It's a nice idea. Good work!