Secrets Vault Password Rotation As a Service
Password Rotation As a Service
Safeguard privileged local accounts on Azure AD joined and on premises AD joined Windows computers from being compromised and reduce the chances of Pass-the-Hast (PtH) attacks.
- – Local Administrator Account Password
- – Alternative Administrator Account Password
- – Local User Account Password
- – Auditing
- – Integrated Remote Desktop and Remote Assistance
- – MFA for Password Retrieval
- – Account Logon Name Rotation
Random Logon Name and Random Password
Private Vault extension
Your secrets remain under your control. Authorized administrators must authenticate with their MFA enabled Privileged Access Management account to retrieve the passwords.
- – Access using MFA only.
- – Optionally, limit PAM access on dedicated network only.
- – Audit logs
Multiple Local Accounts Management extension
Use Alternate Administrator Account for troubleshooting purposes instead of the Built-In Administrator Account. For troubleshooting remote computers that may have dropped from the domain, allow users to logon with a Local User Account.
- – Administer workstation with non S500 account
- – Account logon name changes with password change
Low cost yearly subscription
Secrets Vault Features Password Rotation As a Service
Local Account Password
Complex password is encrypted and stored in the vault.
Password Expiration Notification is displayed even when computer is offline.
Temporary Elevated Privileges
Users are granted elevated rights for preset time only.
Password Reset. Account Unlock. Allow Updating Selected User Attributes.
Near real-time and in-session update of Kerberos Tickets and Access Token.
Reconcile duplicate DNS Records. Safe Browsing on untrusted networks.
Group Policy Refreshes
Consistent and predictable Group Policy Refreshes on VPN computers.
Universal LDAP Name
Independent of DNS, same name always resolves to closest available DC.
FAQ - Your questions? We got answers!
How is the product licensed ?
The software subscription is based upon count of Azure AD and AD joined computers.
How do I deploy the software on endpoints?
The package is a standard MSI formatted package that can be deployed using software distribution tools like Microsoft SCCM, Microsoft Intune or 3rd party software.
Do I need to setup and manage dedicated server ?
Appropriate resources in your Azure subscription are provisioned for the software to work. There is no need to setup a dedicated virtual server in Azure environment.
Do we need to upgrade the AD schema ?
No schema changes are required in on-premises Microsoft AD or in Microsoft Azure AD.
How do I configure resources in Azure ?
The downloaded package contains Powershell scripts that when run with required privileges in your Azure subscription will create required resources.
Do you provide support for x86 and x64 platforms ?
The software works on x86 and x64 platform of Windows, from Windows 7.0 to Windows 10 including server operating systems from Windows Server 2008 R2 to Windows Server 2019
Secret Vault Editions
get the best software
why customers us!
Finally here's one multi-purpose extension to Microsoft Windows operating system that removes the clutter created by many.
- A Leslie -
Payment Card Industry
Universal LDAP name ? That is a great feature. You guys have quite a knack for finding holes in the Microsoft implementations and coming up with good solutions for them.
- M Corey -
Over 30% of calls to service desk are related to Password Reset and Account Unlock incidents. ADCE implementation has significantly reduced number of support calls.
- F Brice -
ADCE helps comply with IT Security best practices. Our end users operate their Windows computer with least privileges and when in need, we enable their user account for Temporary Elevation,…
- D Karla -
The offline Password Expiration notification is a boon, along with the Remote Logoff when a user is logged into multiple computers and their password is changed. It avoids account lockout…
- M Johnson -
IT Support Services