The idea is that a button should be provided which enables us to update the passwords of all accounts (local RDP admin, axdbadmin, …) available for any Dynamics 365 F&O environment and visible through the LCS platform.
The reason this is asked is because too many users in our company had 'Environment Manager' permissions on a project with 20+ environments. They could have saved all the admin passwords somewhere locally, and even after revoking their permissions on the project (update to Project team member), they would still be able to RDP to the VMs of the environments.
This causes a potential security breach!
A ticket was already submitted and escalated to Microsoft (119081221000773) in which was suggested to use the 'Rotate Secrets' button, but upon further investigation by Microsoft it seemed that this button doesn't update the passwords.
It was also suggested that the password in LCS might be out of sync with the password on the VM in Azure, but resetting that didn't fix the issue either.
Please upvote if you agree. It would be great to have this product change applied. Thank you.
Comments
still an issue, a simple regenerate password would also do fine (at least 15 chars, if you following azure defender recommendations!)
Category: System administration
Hi,
are there any updates on this request to be expected?
It seems it is related to this declined request:
https://experience.dynamics.com/ideas/idea/?ideaid=fe3f4467-1ed2-e811-b96f-0003ff689ae6
Is there any way to update the mentioned passwords?
If a user is excluded from a project in LCS, all potentially exposed passwords should be reset. IMHO
Category: System administration
I agree - good idea - we have had this problem many times.
Category: System administration