Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Log & Event Manager (LEM) > LEM Root Password Disclaimer

LEM Root Password Disclaimer

Table of contents

Overview

This article briefly discusses the requirement for the 'root' password for Log & Event Manager (LEM). and VMAN

Environment

All LEM versions

Detail

Customers that are asking for the root password for either LEM or VMAN will only be provided this info over the phone.  Sending the password through email opens up the customer to certain security risks.  If it is required, support will phone the customer and provide that information after account verification.

 

SolarWinds keeps root access from customers and requests that they use the hardened CMC shell (available through SSH or the virtual machine console) to protect the accuracy and integrity of the log records.

 

LEM root access allows the ability to alter, modify or delete records. 

 

Root access would allow users to tamper with the alert DB. LEM is used in many cases as an auditing platform to satisfy compliance, allowing customers to alter the alert DB would seriously degrade the value of the LEM.

 

In limited circumstances, SolarWinds can provide the root passwords to customers, but it is with the understanding that any changes made to the system with root credentials might make it impossible for us to fix/support future issues.

 

PLEASE NOTE: Verify that this is an acceptable risk for your company and your auditors as this may constitute an unacceptable breach of your particular compliance standard.

 

Last modified
08:48, 26 Sep 2017

Tags

Classifications

Public