The linked accounts feature enables you to specify extra accounts that are required by the CPM to logon to a remote device or to log on as a privileged user to change the original password. For example, a Cisco user can log on to a remote machine as a ‘regular’ user, and then use the ‘enable’ account to acquire the authorization required to change the password on the remote machine. The Password Vault supports up to three extra accounts.
Target platform definitions specify the parameters for its linked account(s) in either the Target Account or Service Account that requires them. When the linked accounts are specified in the Target Account platform, they appear in the CPM pane of the Account Details page. When they are specified in the Service Account platform, they appear in the CPM pane of the Service Account Details page.
The following example shows the Linked Accounts section in the platform settings page for Cisco SSH passwords.
The Linked Accounts section is in the Target Account platform, indicating that the extra account can be linked from the Account Details page. The platform in the above example offers three types of linked accounts – an Enable account, a Logon account, and a Reconcile account.
Each linked account is defined by three properties, as shown in the Properties list in the above example – the Name of the linked account, the DisplayName, which determines the text that will appear in the PVWA, and the PropertyIndex, which is for internal processing.
As a result of the above example, the PVWA will display the following pane when the user adds a Cisco account.
For more information about adding a linked account to new and existing accounts, refer to Create linked accounts.