Service Account Manager and Security Best Practices
Many Windows servers use common domain administrator accounts to run business-critical applications. Security compliance regulations and best practices dictate that the passwords on administrator accounts used by Windows services must be changed every 30 to 90 days, without fail.
Normally, the credentials used by Windows services must be manually updated for each service on every server. With a typical manual change time of about five minutes per service, and approximately four services per system, it takes about 20 minutes to change each server manually.
While the service change process is proceeding, the enterprise is essentially off-line. With a typical manual error rate of about 10% in a large server farm, systems can be damaged by administrator mistakes during the change process.
Mass Managing Service Account Credentials
Service Account Manager automates the service account change process, reducing the change time to seconds per machine - with a zero error rate for the service account password change process. Off-line systems are automatically recorded and queued for automatic retry. Built-in functionality provides for automated service restarts, scheduled reboots and more.
This all means that the regular password change process can proceed on all Windows systems in the enterprise at frequent intervals, without endangering the uptime of critical servers or consuming vast IT resources.