Generic accounts are commonly used to enable UNIX administrative staff to log on to a computer system and perform specific operations using the account identity and permissions of the generic account. While using generic accounts is a simple way to manage specific services, they represent a significant risk in terms of both access control and IT auditing. There is no easy way to manage who can access these accounts or to provide an audit trail showing which administrator used the account to take a specific action. This application note shows how Centrify DirectControl and Active Directory can be used to control both the password of generic accounts and an administrator's access to a specific computer system or group of systems. It shows how administrators can be granted the appropriate permissions to execute the privileged operations normally run by the generic account without requiring generic accounts to exist.

Read the Application Note: Managing UNIX Generic and Service Account Management with Active Directory