Secure identity impersonation for Commvault automated file operations: Internship at Commvault

Rohan Avalur; Sanath Kumar

doi:10.64804/7nkhmm31

Secure identity impersonation for Commvault automated file operations

Internship at Commvault

Authors

Rohan Avalur Science & Engineering Magnet Program , Manalapan High School
Sanath Kumar Commvault

DOI:

https://doi.org/10.64804/7nkhmm31

Keywords:

Commvault, internship, gMSA, C++, Windows Service, Kerberos, security, automation

Abstract

The ability to move files between servers automatically is essential for modern data management. During my internship at Commvault, I worked on improving this process by moving away from the use of manual passwords. A major security challenge is that many automated programs rely on passwords written directly into the code or stored locally in the registry, which creates a risk of sensitive information being exposed. To address this, I used Microsoft Group Managed Service Accounts to allow the computer to handle logins on its own. I developed a background program in C++ that manages these operations as a Windows service. The system utilizes the Kerberos S4U2self protocol to request digital access keys directly from the network. By using these digital keys instead of stored passwords, the system can securely perform network tasks without human input. This project removes the need for hardcoded login info, making Commvault’s automated operations much more secure.

Downloads

Abstract PDF

Published

2026-06-16

Issue

Vol. 2 No. 8 (2026): Science and Engineering Senior Projects and Internships, Semester II, 2026-06-16

Section

Abstracts

License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

How to Cite

Avalur, R., & Kumar, S. (2026). Secure identity impersonation for Commvault automated file operations: Internship at Commvault. Journal of Science & Engineering, 2(8), 122. https://doi.org/10.64804/7nkhmm31