With Soffid, you can manage four types of accounts:
- Unmanaged accounts. Theese accounts will be ignored by Soffid synchronization engine. Their primary goal is to allow a smooth transition without having to bother about some accounts until later.
- Single user accounts. Theese acounts belong to a user, and only this user is able to use it.
- Shared accounts. Theese accounts can be used by many users at a time. They can be used to access provider web sites. One example could be the corporate Twitter account that can be used by a group of community managers.
- Privileged accounts. Privileged accounts are a sort of shared accounts, but only one user at a time can use them.Cuentas privilegiadas.
At deploy time, Soffid can gather all the accounts on managed systems. At first, these accounts will be marked as unmanaged accounts. After the administrator has defined the owners and users of any unmanaged account, administrator can change the account type from unmanaged to privileged and assign a password policy. Privileged accounts use to have a custom policy that enforces passwords to be changed timely, despite no one uses it. Below is a screencast about how a user can check-out a privileged account, change its password and return it back to Soffid. Audit trail is also shown.