Certificate question
hi everyone
during some restructuring we came across a request that seems to be filled with a lie. no one in my dept seems ot think it makes any sense what so ever but thought someone here might have an idea why or could help dispell the lie
we have a HR company we just restructured and they became part of another company... because this company is publicly traded we are subject IT audits. So we have to enforce a password policy
they told us today they can not change their password because it breaks their Certificates issued by ADP for payroll if they do it and ADP needs ot re-issue the certs each time
the certificates are used to access a secured website and then you need to provide credentials for that site
to me and the rest on my dept it seems to make no sense that changing a windows password would effect a certificate used for a website
apparently an old boss of mine told them that changing the password would break the certificate or one day when someone changed the theri password it broke the cert and he attributed it ot that
I admit I'm from for an expert with certificates but this does not seem logical
we are going to contact the issuer (ADP) to confirm or deny but thought I'd get peopels thoughts here as well
during some restructuring we came across a request that seems to be filled with a lie. no one in my dept seems ot think it makes any sense what so ever but thought someone here might have an idea why or could help dispell the lie
we have a HR company we just restructured and they became part of another company... because this company is publicly traded we are subject IT audits. So we have to enforce a password policy
they told us today they can not change their password because it breaks their Certificates issued by ADP for payroll if they do it and ADP needs ot re-issue the certs each time
the certificates are used to access a secured website and then you need to provide credentials for that site
to me and the rest on my dept it seems to make no sense that changing a windows password would effect a certificate used for a website
apparently an old boss of mine told them that changing the password would break the certificate or one day when someone changed the theri password it broke the cert and he attributed it ot that
I admit I'm from for an expert with certificates but this does not seem logical
we are going to contact the issuer (ADP) to confirm or deny but thought I'd get peopels thoughts here as well
Comments
-
Smallguy
Member Posts: 597
I';m guessing with the number of views no one thinks I've lost it so far
or does my question not make sense -
dynamik
Banned Posts: 12,312 ■■■■■■■■■□
I'd just contact the company. Accounting software can be really **** when it comes to stuff like that. It sounds a bit absurd, but you never know... -
dtlokee
Member Posts: 2,378 ■■■■□□□□□□
It could make sense as a safe guard from preventing an admin chainging the users PW in Active Directory then logging onto the computer and using the payroll software to writh themselves a big fat bonus check
Similar to what EFS will do if you change a user's password.
I would call the application vendor.The only easy day was yesterday! -
Smallguy
Member Posts: 597
dtlokee wrote:It could make sense as a safe guard from preventing an admin chainging the users PW in Active Directory then logging onto the computer and using the payroll software to writh themselves a big fat bonus check
Similar to what EFS will do if you change a user's password.
I would call the application vendor.
that is where we are going with it
because if that is the case we might need a formal letter from ADP stating that changing passwords breaks the cert just to keep auditors happy. -
blargoe
Member Posts: 4,174 ■■■■■■■■■□
It's just a web certificate? You should be able to change the password. I think my company is using the same software and we don't have any kind of weirdness for password changes.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
Smallguy
Member Posts: 597
blargoe wrote:It's just a web certificate? You should be able to change the password. I think my company is using the same software and we don't have any kind of weirdness for password changes.
it is a certificate to enter the pay roll portion of their website
once in that website you still need to authenticate via a user name and password
so the Cert is only used to prove one's Identity
