Transfer a user/password between resources?
Is there a way to transfer accounts between resources?
I'm in the situation where I will have many 'unowned' passwords imported from legacy systems, and often they will be under generic resource names (eg 'FedEx Windows'). I could cludge it and have each user/pwd assigned to a single resource (eg FedEx1, FedEx2, ...) but it just gets messy and unintuitive for end users. As owners come forward and claim these orphaned accounts I will need to move them to the appropriate managed resource. Equally the same will occur over time as roles change between groups and selected passwords need to be transferred.
eg image we had this resource with multiple users
resource group:
FedEx Windows Domain Support
resource name :
server123
accounts:
local_admin
sa
svc_cluster
Then at a later date the SQL team take ownership of the database and so need to assume control of the sa account, so I want to move the sa account so it now appears as
resource group:
FedEx DBA's
resource name:
server123-dba
accounts
sa
I'm happy to manually create the new resource to accept the user/pwd, but would like to avoid deleting and recreating the account because that will mess up the account history, and I'm sure we'll make a typo so introduce risk. Any ideas?
From a back end db I've been able to do it by hitting the Ptrx_Account table, but was hoping their was a proper/supported way of doing it.
Ta, Jeff.
I'm in the situation where I will have many 'unowned' passwords imported from legacy systems, and often they will be under generic resource names (eg 'FedEx Windows'). I could cludge it and have each user/pwd assigned to a single resource (eg FedEx1, FedEx2, ...) but it just gets messy and unintuitive for end users. As owners come forward and claim these orphaned accounts I will need to move them to the appropriate managed resource. Equally the same will occur over time as roles change between groups and selected passwords need to be transferred.
eg image we had this resource with multiple users
resource group:
FedEx Windows Domain Support
resource name :
server123
accounts:
local_admin
sa
svc_cluster
Then at a later date the SQL team take ownership of the database and so need to assume control of the sa account, so I want to move the sa account so it now appears as
resource group:
FedEx DBA's
resource name:
server123-dba
accounts
sa
I'm happy to manually create the new resource to accept the user/pwd, but would like to avoid deleting and recreating the account because that will mess up the account history, and I'm sure we'll make a typo so introduce risk. Any ideas?
From a back end db I've been able to do it by hitting the Ptrx_Account table, but was hoping their was a proper/supported way of doing it.
Ta, Jeff.