vault-plugin-secrets-ad

Auto disable account feature for checkin - checkout

Open jflartaud opened this issue 5 years ago • 1 comments

Overview

  • Who the change affects or is for (stakeholders)? All the users that activate the feature on library management
  • What is the change? Give the possibility to lock (disable) the service account on check-in and to unlock it (enable) on check-out
  • Why is the change needed? Provide an additional level of security on service accounts
  • How does this change affect the user experience (if at all)? Ensure that an account that is checked in cannot be used.

Design of Change

How was this change implemented?

  • Provide the functions to manage the UserAccountControl attribute by adding or removing the ACCOUNT_DISABLE flag.
  • Add the auto_disable_account (boolean) parameter on the set configuration
  • Update the check-in / check-out method

Related Issues/Pull Requests

No issue, just an identified need

Contributor Checklist

  • [ ] Add relevant docs to upstream Vault repository, or sufficient reasoning why docs won’t be added yet
    Update on documentation PR hashicorp#9701
    Results of tests
  • [ ] Backwards compatible

jflartaud, Aug 10 '20 15:08
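The flag handling described under "Design of Change", as an added example that is not code from this pull request: it sets or clears the ACCOUNT_DISABLE bit (0x0002) of the decimal-string userAccountControl value while preserving every other flag, and lists checked-in accounts that are not confirmed disabled. The function names `desiredUAC` and `notDisabled` and all sample values are hypothetical and constructed for illustration; only `auto_disable_account` comes from the description above.

```go
package main

import (
	"fmt"
	"sort"
	"strconv"
)

// accountDisable is the ACCOUNT_DISABLE bit (0x0002) of userAccountControl.
const accountDisable = 0x0002

// desiredUAC (hypothetical helper) returns the value the attribute should hold
// after a check-in (checkedIn=true) or check-out, and whether a modify is needed.
// current is the decimal string LDAP returns; all other flag bits are preserved.
func desiredUAC(current string, checkedIn, autoDisable bool) (string, bool, error) {
	uac, err := strconv.ParseUint(current, 10, 32)
	if err != nil {
		return "", false, fmt.Errorf("unparseable userAccountControl %q: %w", current, err)
	}
	if !autoDisable { // auto_disable_account is off: leave the account untouched
		return current, false, nil
	}
	next := uac &^ accountDisable // check-out: clear the bit (enable)
	if checkedIn {
		next = uac | accountDisable // check-in: set the bit (disable)
	}
	return strconv.FormatUint(next, 10), next != uac, nil
}

// notDisabled (hypothetical audit helper) takes the userAccountControl values of
// accounts that are currently checked in and returns, sorted, those that are
// not confirmed disabled. Unparseable values are reported for review as well.
func notDisabled(checkedIn map[string]string) []string {
	var out []string
	for name, raw := range checkedIn {
		uac, err := strconv.ParseUint(raw, 10, 32)
		if err != nil || uac&accountDisable == 0 {
			out = append(out, name)
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	// Constructed sample: 66048 = NORMAL_ACCOUNT (512) | DONT_EXPIRE_PASSWORD (65536).
	v, changed, _ := desiredUAC("66048", true, true)
	fmt.Println(v, changed)
	fmt.Println(notDisabled(map[string]string{"svc-a": "512", "svc-b": "514"}))
}
```
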

CLA assistant check
All committers have signed the CLA.

hashicorp-cla, Aug 10 '20 15:08