Galileo utilizes a variety of proxy accounts to interact with storage and Directory Services. These accounts' passwords are lengthy, randomly-generated, and secured by the Engine's configuration utilities, and are automatically regenerated each time the Engine's configuration utility is run.
As such, it's important that any password policy applied to these service accounts adhere to the following guidelines:
- No minimum password age. The Engine password might be changed several times in a short period if the Engine configuration utility is run several times (as might happen during initial setup or when troubleshooting an issue.) Minimum password ages will cause errors in that scenario.
- No maximum character limit. This is a common cause of password issues for Galileo's eDirectory proxy accounts. These accounts' passwords can be lengthy (30-80 characters), and should not be capped.
- Standard or strong complexity requirements. Galileo's proxy account passwords are generated in such a way that strict password complexity accounts should always be met.