• State Suggested Answer
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 320 views
  • Users 0 members are here
Options
Related

Lockdown Bootstrap Admin

jody gilbert
2 months ago

Is it possible to lock down the bootstrap admin account so that it can only be accessed via the management kiosk?

We are using Entra ID to control access to our other admin accounts, with various policies configured for MFA etc.  But the bootstrap admin account is a weak link that I'd like to lock down if possible. 

Parents
  • 0 2 months ago

    You can disable the bootstrap admin account but make sure you have another account with admin permissions required to perform the admin tasks

    In case you are locked out and need to reset the admin account then a service request with Support is required to perform a challenge \ response key exchange to reset it.

    Thanks!

Reply
  • 0 2 months ago

    You can disable the bootstrap admin account but make sure you have another account with admin permissions required to perform the admin tasks

    In case you are locked out and need to reset the admin account then a service request with Support is required to perform a challenge \ response key exchange to reset it.

    Thanks!

Children
  • 0 2 months ago in reply to Tawfiq.Ahmad

    thanks, that seems to be an acceptable solution.  Once we are comfortable with authentication for our admin accounts, we will review disabling the bootstrap account.  Our plan is to use Safeguard to manage many of our root/admin accounts, so I need to reduce any risks of people gaining access to Safeguard, disabling the bootstrap account should take care of that.