SPP uses a service account to connect to an asset to securely manage accounts and passwords on that asset. Therefore, a service account needs sufficient permissions to edit the passwords of other accounts.
When you add an asset, SPP adds its service account to the list of Accounts. By default, SPP automatically manages the service account password and SSH keys according to the check and change schedules in the profile that governs its asset. See: Creating a password profile and Creating an SSH key profile.
When adding a service account, SPP automatically disables it from access requests. If you want the password or SSH key to be available for release, click Access Requests and select Enable Password Request or Enable SSH Key Request. If you want to enable session access, select Enable Session Request.
TIP: As a best practice, if you do not want SPP to manage a service account password or SSH key, add the account to a profile that is set to never change passwords or SSH keys.
If you delete a service account, SPP changes the asset's authentication type to None, which disables automatic password or SSH key management for all accounts that are associated with this asset. A user can continue to check out the passwords or SSH keys, however, if the policy that governs the account requires that it change the password or SSH key after release, the password or SSH key can get stuck in a pending password reset state. For more information, see Password or SSH key is pending a reset..
Test connectivity
The most common causes of failure in SPP are either connectivity issues between the appliance and the managed system, or problems with service accounts. If you experience issues, first verify that you can access the managed system from another system (independent of SPP), using the service account. For more information about troubleshooting connectivity issues, see Test Connection failures and Connectivity failures.