Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

AD Account for Unity Question

After installing unity (and running the permissions wizard), I noticed there is an account in our AD that is named "unity_[servername]". I did not create this account so I'm assuming this is created as part of the unity installation. I have 2 unity servers and there are 2 seperate accounts in AD named unity_server1 and unity_server2.

Does anyone know what these accounts are used for? The account is set for password never expires and is causing some concern with our sox auditors.

thanks in advance for your assistance.

VIP Purple

Re: AD Account for Unity Question

Please see the link below for an explanation of this account.

Hope this helps.


Community Member

Re: AD Account for Unity Question

Thanks for the response. That helps me understand what the account is used for.

I need to rename this account to comply with our SOX policy since the pw doesn't expire. Anyone know if this can be done without affecting the functionality?


VIP Purple

Re: AD Account for Unity Question

I don't know that it's possible. Even if it is possible by changing a registry entry, etc I would not reccomend it. You could cause yourself a lot of headaches down the road when you upgrade or use a tool that is looking for this particular account.


Re: AD Account for Unity Question

Hi -

Something to consider for your SOX folks ... You can move this account into a different OU than the Users OU after it has been created. We moved our Unity specific accounts into a Service Accounts type OU. If you are familiar with Group Policy, you can amend the policy for password expiration at the OU level and make sure the password does not expire. You can change the password of the account. You can also disable this account as long as you don't DELETE it. It is disabled by default when installing 4.0(5). Here is a reference to the security best practices guide, which discusses the Unity accounts:

Regards, Ginger

CreatePlease to create content