Queries regarding Credential management ?

#1
Hi All

How in real time projects the credentials created in credential manager are updated when the credentials get expired ? How is it automated ?
 
#3
Hi Kamal,

Yes credential manager can be updated when the credentials get expired .

Just problem is when we use get credential action we get username as blank value .

But if you have some define manner where you want to update the password before the expire day then it can be possible

We can use play with VBO Credential to achieve it .

If any more help please let me know I have done that process to automate already.
 
#4
Hi Kamal,

Yes credential manager can be updated when the credentials get expired .

Just problem is when we use get credential action we get username as blank value .

But if you have some define manner where you want to update the password before the expire day then it can be possible

We can use play with VBO Credential to achieve it .

If any more help please let me know I have done that process to automate already.
Thanks Shikhar.

Yes, that's what I am asking. How can we automate to update the credential before it expires ?

One more thing, if you have worked on Login Agent then also if for some machine the login credential is going to expire how do we automate the same ?
 
#5
Hi Kamal,

Steps to Automate Credentials

1. Get all Credentials as list by passing status like Valid or invalid etc. using VBO Credential output will be collection of Credential available
2. Loop around Credential Collection use get Credential details action to get username and other details
3. Use Generate and Set action to set the new password automatically pass different parameter like
- Expiry date as per need
- Length of Password
- Use Upper case in password flag
- Use Lower case in password flag
- Use Numeric case in password flag
- Additional Characters in text if any like $,!,~ etc.
4. After this use Set Credential and pass parameter password created in step 3 and its other attributes.
5. Loop End of collection where one Credential is changed and set with new automated password.

If want to check use get credential and check password and other stuff.

let me know if any more queries
 
#6
Hi Kamal,

Steps to Automate Credentials

1. Get all Credentials as list by passing status like Valid or invalid etc. using VBO Credential output will be collection of Credential available
2. Loop around Credential Collection use get Credential details action to get username and other details
3. Use Generate and Set action to set the new password automatically pass different parameter like
- Expiry date as per need
- Length of Password
- Use Upper case in password flag
- Use Lower case in password flag
- Use Numeric case in password flag
- Additional Characters in text if any like $,!,~ etc.
4. After this use Set Credential and pass parameter password created in step 3 and its other attributes.
5. Loop End of collection where one Credential is changed and set with new automated password.

If want to check use get credential and check password and other stuff.

let me know if any more queries
Thanks @shikhar.mishra. It really helps. I will implement and test the same.
 

Pete_L

Active Member
#8
There is often someone who can prove an answer wrong. That's the beauty of a community forum. While Shikhar is correct in explaining how the password can be changed through automation, there are still issues regarding doing this in practice. Let's say you have a credential for the bot to login to an application, like SAP. Someone has set the password within SAP manually, and that password has been entered into Credential Manager for your automation to use. Now, let's say you automate the generation of a new password in Credential Manager. That newly generated password is encrypted and is not shown in the Credential Manager record. Unless you know how to get the password from Credential Manager to plain text (which I will not explain because it bypasses BP's security), then how will you know what the password is so you can change it in SAS? You could automate the SAS password changing process, and get the new password from Credential Manager, but in practice in my organization we have found that it is much easier to do it manually rather than spending time coding the password-changing process for the 100+ applications that we automate. When we turn over a new automation to production, we train our Help Desk on how to manually change the password in the application. We give them a report every week showing the credentials that will expire that week, and they manually change the password in the applications. After they make the change, we then manually update the Credential Manager record with the new password that the Help Desk has given us. Again, we have a very large number of applications that we interact with; we have chosen not to spend time automating the password changing process on them since it is a function that is seldom used and we feel the development time is better spent on other things that we consider to be more important. I guess it helps (for us) that we are able to pass off most of the password-changing activity to another group in our company.

So it appears that I have projected the methodology that we use and offered it up as a blanket statement that it must be done manually. I was trying to give you practical advice, but I neglected to consider that my situation can differ from the circumstances that others may have. I apologize for giving you the wrong information, but I'm glad that someone with a differing viewpoint was able to set the record right.
 
Top