john_howson's avatar
john_howson
Occasional Contributor
8 years ago
Status:
New Idea

Non-expiring internal accounts for scripting when external authentication is utilized

I'm in a situation in which Collaborator has been configured to authenticate with LDAP (Solaris UNIX environment), our passwords are required to expire and be changed every 60 days, and we are using scripts which depend on one of those LDAP defined user accounts.  I can't set the time-to-live to 12 hours, effectively require the re authentication of users each time they login, as that would expire the script user account every 12 hours as well.  A special script running at a shorter interval so as to keep the script user account authenticated has been suggested, but it would be nice to have an internal collaborator account which was independent of both the time-to-live setting (has it's own?) and the external authentications PW expiration requirements, for running scripts.

  • Garen's avatar
    Garen
    Senior Member

    The ability to use a local admin account is very common with other tools, and is also needed if the local LDAP configuration is inadvertently broken, or the LDAP directory is down.  All of these use cases would be greatly helped by the ability to use a local admin account when an external directory is configured.