Service Account for LDAP/ACL Integration

Idea created by amfamJeff on Mar 24, 2015
    Under review
    • amfamJeff
    • sogar01
    • RafaelOltra
    • marne06

    It would be nice to have a service account with CA DevTest that would bypass LDAP and be authenticated directly against the ACL.  This would allow us to have generic accounts and not need them to authenticate LDAP.  In large organizations, security policy usually does not allow generic accounts to be set up in LDAP if the credentials are being passed unencrypted, as is the case with the VSEManager and ServiceManager commands.  With the VSEManager and ServiceManager commands run against an LDAP integrated environment, you must pass your userID and password unencrypted.  If using these commands in a script, your userID and password are in the script unencrypted and visible to the world.  Therefore, it would be useful to have a generic account, that authenticates directly against the ACL, bypassing LDAP, so that organizations that have tight security policies can make use of VSEManager and ServiceManager without violating security policy.