Hi All, we have an ask form our cyber team regarding Solarwinds SAM, NPM, WPM.
Basically the ask is we need to be able to rotate the passwords on the accounts that Solarwinds uses to carry out WMI monitoring on the windows machines in NPM and SAM. Ideally this would be automated, so that we can create a policy on our accounts within the secrets store that says "every 90 days change the password". The would do the following:
1. Connect into AD and change the password(s) on the required accounts
2. use an API (Orion SDK) to make a call into the DB to change the password on the accounts that have been changed in AD
3. Log an audit trail so we know the password has been changed and that it was successful
This seems easy and straight forward, but getting this to work could be hard - this would cover the needs in NPM and WMI in SAM
WPM is a little more complex as there are 2 areas here:
1. The Domain accounts used to run the services - in our case 8 accounts over 3 domains
2. The passwords typed within the recordings
So here the ask would be similar to the first section relating to WPM, but obviously the playback service has these encrypted into its config file that would need to be updated, not sure how this could be done as they are on each server/poller where the playback feature is installed and this would also mean stopping and starting these services whilst the passwords are saved into the config file.
The second part would involve editing the playback once it is recorded to add an API that would allow the recording to fetch any typed password back from the enterprise secrets store at runtime, rather than embedding an encrypted version in the recordings.
So does anyone have any thoughts on how to achieve this, or even better has anyone out there in this vast community managed to work out how this can be done?