GETTING STARTED 6 - MScottSr
Secret Server User GuideI.GETTING STARTED . 61.2.INSTALLATION GUIDE – SEE SEPARATE DOCUMENT . 6TERMINOLOGY . 6II.SECRET SECTION . 71.SECRETS . 7a.Creating a Secret . 7b.Viewing a Secret .8c.Editing and Deleting a Secret . 10d.Secret Sharing . 10e.Bulk Operations on Secrets . 122.FOLDERS .12a.Creating a Folder . 12b.Sharing a Folder . 153.SECRET TEMPLATES.16a.Creating or Editing a Secret Template. 16b.Using the Secret Template Designer . 17c.Template Field Types . 18d.Additional Changes to a Template . 19e.Activating / Inactivating Templates . 19f.Setting the Password Character Set or Password Length for Auto-Generate . 20g.Naming Patterns . 214.SECRET VIEW TABS .21a.Expiration Tab . 21b.Personalized Tab . 21c.Security Tab . 22d.Launcher Tab . 22e.Remote Password Changing Tab . 23f.Dependencies Tab . 235.LAUNCHER . 23a.Enabling the Launcher . 23b.Using the Launcher . 25
6.WEB LAUNCHER . 26a.Configuring the Web Launcher for Secret .26b.Creating a Configuration .26c.Using the Web Launcher . 27d.Incompatible Sites . 277.8.SETTING UP PASSWORD MASKING. 28SECRET EXPIRATION. 28a.Setting up Secret Expiration for the Secret Template .28b.Setting up Secret Expiration for the Secret .29c.Forcing Expiration.29d.Resetting an Expired Secret .299.DOUBLELOCK (ENTERPRISE EDITION) . 29a.Creating a DoubleLock Password . 30b.Creating a DoubleLock . 30c.Assigning a DoubleLock to a Secret . 30d.Changing a DoubleLock Password . 30e.Resetting a DoubleLock Password . 3110.SECRET CHECK OUT (ENTERPRISE EDITION).31a.Configuring Check Out . 32b.Checking Out Secrets . 3211.REQUIRES APPROVAL FOR ACCESS (ENTERPRISE EDITION) . 34a.Setting Up Access Request for a Secret . 34b.Requesting Access After Approval is Granted . 35c.Approving a Request . 3512.REMOTE PASSWORD CHANGING (PROFESSIONAL OR ENTERPRISE EDITION) . 35a.Remote Accounts Supported . 36b.Enabling Remote Password Changing in Secret Server . 36c.Configuring a Secret for AutoChange . 36d.Privilege and Reset Secrets . 36e.Change Password Remotely . 37f.Configuring Remote Password Changing - Mapping Account Fields . 37g.AutoChange Schedule .38h.Remote Password Service Accounts (Enterprise Edition) . 3913.CUSTOM COMMAND SETS (PROFESSIONAL OR ENTERPRISE EDITION) . 402
a.Accessing the Custom Commands . 40b.Editing a Custom Command . 40c.Creating a new Custom Command Password Changer . 4114.HEARTBEAT (PROFESSIONAL OR ENTERPRISE EDITION).41a.Remote Accounts Supported – See the RPC section on Remote Accounts Supported. .42b.Enabling Heartbeat .42c.Configuring Heartbeat .42d.Using Heartbeat .42e.Alerts on Failure.4215.REMOTE AGENTS (PROFESSIONAL OR ENTERPRISE EDITION). 43a.Enabling Remote Agents . 43b.Create an Agent Installer . 43c.Installing an Agent . 43d.Assigning an Agent to a Secret . 4316.SEARCHING SECRETS . 44a.Search Indexer .44b.Search Indexer Administration . 4517.SECRET IMPORT . 46a.Configuring Data for Import . 47b.Secret Server Migration Tool . 4818.WEBSERVICES . 48a.Enabling Webservices . 48b.Secret Webservices . 48c.Folder Webservices .49d.Windows Integrated Authentication Webservice.4919.FOLDER SYNCHRONIZATION (PROFESSIONAL OR ENTERPRISE EDITION) . 50III.USER SECTION . 501.2.CREATING A USER . 50CONFIGURING THE USERS . 51a.Login Settings . 51b.Password Settings . 52c.Restriction Settings . 533.ACTIVE DIRECTORY SYNCHRONIZATION (PROFESSIONAL OR ENTERPRISE EDITION) . 54a.Adding a Domain . 543
b.Setting Up a Synchronization Group . 54c.Configuring Active Directory . 55d.Creating an Active Directory User . 56e.Converting Local Users to Domain Users . 57f.Integrated Windows Authentication . 574.USER PREFERENCES . 57a.General Tab . 57b.Launcher tab .585.GROUPS . 58a.Creating a Group .58b.Adding Users to a Group . 596.ROLES .61a.Creating a Role.62b.Editing Permissions for a Role .62c.Assigning Roles to a User . 63IV.ADMINISTRATION. 631.CONFIGURATION SETTINGS. 63a.2.ADMINISTRATOR AUDITING . 65a.User Audit Report . 65b.Secret Audit .66c.Report Auditing . 673.BACKUP / DISASTER RECOVERY . 70a.Configuring Backups . 70b.Setting up Folder Permissions . 71c.Manual Backups . 71d.Scheduled Backups (Professional or Enterprise Edition) . 71e.File Attachment Backups . 71f.Exporting Secrets: Configuring an Export . 71g.Exported File Format. 72h.Recovery . 734.UNLIMITED ADMINISTRATION MODE . 73a.5.General tab . 63Configuring Unlimited Administration Mode . 73SYSTEM LOG . 744
6.EVENT SUBSCRIPTIONS . 74a.Subscription page . 74b.Creating an Event Subscription . 75c.Editing a Subscription . 76d.Deleting a Subscription . 76e.Viewing the Event Subscription Log . 767.8.LANGUAGE MAINTENANCE . 77CUSTOMIZING THE LOOK . 78a.Creating Themes . 78b.Embedded Mode . 799.REPORTING IN SECRET SERVER . 79a.General Tab . 79b.Security Hardening Tab .83c.User Audit Tab .8510.SECRET SERVER ENCRYPTION . 85a.Advanced Encryption Standard .85b.SHA-512 .85c.SSL Overview . 8611.TWO FACTOR AUTHENTICATION LOGIN . 86a.Email Two Factor Authentication . 86b.RADIUS Authentication (Professional or Enterprise Edition) . 8812.13.14.V.CONFIGURING SMTP EMAIL SERVER. 90FIPS COMPLIANCE (ENTERPRISE EDITION) .91PCI DATACENTER COMPLIANCE . 92LICENSING . 921.2.3.4.PROFESSIONAL LICENSE. 93ENTERPRISE LICENSE . 93INSTALLING NEW LICENSES. 93CONVERTING FROM TRIAL LICENSES. 94VI.EXTERNAL APPLICATIONS . 941.2.IPHONE APPLICATION . 94BLACKBERRY APPLICATION . 96VII. APPENDIX . 98a.Technical Support . 985
I. Getting StartedInstallation Guide – see separate document1.Secret Server is distributed as a zip file of the Web site. To install Secret Server, create a virtual directoryin IIS and copy the zip contents into it. Browse to the newly created site and Secret Server willautomatically step through the configuration process. For more detailed information on setting up IIS,ASP.NET, and connecting to MS SQL Server, please use the Installation Guide.2.TerminologyThroughout this User Guide, certain terms are used to refer to specific features or concepts within SecretServer. AdministratorThe concept of an 'Administrator' no longer exists, however, in this guide, 'Administrator'will be used when referring to the User(s) who manage the system. Administrators havecontrol over the global security and configuration settings. SecretAny sensitive piece of information that you would like to manage within Secret Server.Secrets are derived from our customizable Secret Templates. Typical Secrets include,but are not limited to, routers, servers, applications, and devices. Secret TemplateUsed for creating Secrets, Secret Templates allow you to customize and format Secretsto meet your company's needs and standards. Examples include: Local AdministratorAccount, SQL Server Login, Oracle Login, Credit Card and Web site Logins. Templatescan contain passwords, User names, notes, uploaded files, and drop-down list values. Role Based SecurityOur implementation of the Role Based Access Control mechanism. The permissionstructure used to provide Users access to the system. Role Based Security providesAdministrators the ability to set strict, granular permission levels for each User. Unlimited Administration ModeDeemed as a "break-the-glass" feature, when this mode is enabled, Administrators areable to access all content within the system regardless of explicit permissions. Remote Password Changing6
Available for you to automatically change passwords on remote devices including:Windows Accounts, SQL Server Logins, Active Directory accounts, and UNIX accounts. Secret AssistantA client side utility that interfaces with Secret Server to allow Users to automaticallylogin to Web accounts.II. Secret Section1.SecretsSecrets are individually named sets of sensitive information created from Secret Templates. Flexibility inTemplates allows Secrets to address a broad spectrum of secure data. Secret security can be centrallymanaged through View/Edit settings for each individual Secret. Additionally, the Folder structure allowsone or more Secrets to inherit permissions from a parent Folder. All Secret field information is securelyencrypted within the database with a detailed audit trail for access and history.a. Creating a SecretFrom the Home screen in the upper right corner, select the Secret Template from which to create theSecret. This Template contains all the relevant fields for a Secret. If there is not a suitable Template,custom ones can be created (see Creating or Editing a Secret Template section). Upon selecting aTemplate, you will be sent to the New Secret page.7
New Secret PageFor the basic Secret Templates, Secret creation is intuitive and straightforward. The more complex SecretTemplates are discussed later in the User Guide. Keep in mind that the Secret Name field is the textused both for display purposes throughout the application as well as for search functions (other fields canbe used as well; see the Searching Secrets section for more details).The Save and Share button allows you to immediately set the Sharing settings on the newly createdSecret. Sharing is discussed in more detail in the Secret Sharing section.Note: It is possible to import data as Secrets. This topic is discussed in the Secret Import section.b. Viewing a SecretTo view the information contained in a Secret, you must navigate to the Home page. From there, click onthe Secret name. For instructions on browsing your Secrets on the Home page, see the SearchingSecrets section.Only the General tab is discussed in this section. This page will be referred to as the Secret View page.For information on the other tabs, see the Secret View Tabs section.The Secret View page displays the relevant information for a Secret. The Password fields of a Secretmay be masked, depending on your settings (see the Setting Up Password Masking section).8
To unmask a field, click on the Lock icon(cursor over the Lock.). This will unmask the field for as long as you have theTo see the history of changes to the field as well as the current setting, click on the History icon (To copy the field to the clipboard, click on the Copy To Clipboard icon(this to function.).). You may need an add-on forTo view the field using the NATO phonetic alphabet, click on the NATO icon ().Discussed below are the settings that are common to every Secret: The Folder field is the Folder that contains the Secret. You can make the Secret use the Sharingsetup of this Folder by setting the Default Secrets Inherit Permissions setting in theConfiguration. See Sharing a Folder section for further details on this setting. The Favorite? checkbox is used to Group Secrets in the Favorite Secrets section on the Homepage. You can edit or delete a Secret by clicking the Edit and Delete button, respectively. For moredetails, see the Edit and Delete a Secret section. The Share button is used to set up the Sharing settings for this Secret. For further information,see the Secret Sharing section. You can check which Users have accessed the Secret as well as the changes performed on theSecret by clicking View Audit button. For additional details, see the Auditing section.Below are the buttons, fields, and icons that are specific to more advanced Secrets. They are discussedin detail under their relevant sections. The Change Password Remotely button is discussed further in the Remote Password Changingsection. The Expire Now button is discussed further in the Secret Expiration section. The AutoChange Schedule button is discussed further in the Remote Password Changingsection. The AutoChange? field is discussed further in the Remote Password Changing section. The Launcher icon () is discussed further in the Launcher section.9
c. Editing and Deleting a SecretTo edit a Secret, navigate to its Secret View page. Click on the Edit button. All fields on the previousSecret View page will become editableNote: Password fields will be unmasked.For passwords, there is an ability to randomly create a password with the Generate button. This willgenerate a password according to the rules set in the Secret‟s Template (see Secret Template section).To delete a Secret, navigate to the Secret View page and click on the Delete button. The Secret will belogically deleted and hidden from general Users who do not have a Role with the View Deleted Secretpermission. For detailed audit history and supporting recovery, the Secret will remain in the databaseand only accessible by privileged Roles. There is a way to delete multiple Secrets. This is discussed inmore detail in the Bulk Operations on Secrets section.To undelete a Secret, navigate to the Secret View page and click the Undelete button. NOTE: The Usermust have the View Deleted Secrets permission (see Roles section) to access the Secret View page forthis Secret, as well as Owner permission on the Secret.d. Secret SharingSharing passwords is crucial for information technology teams. Due to the sensitive nature of sharingsecure information, Secret Server takes all necessary security measures to ensure that sharedpasswords are tracked and guarded.10
Sharing a SecretThere are three different levels of permission to choose from when sharing Secrets with another User orGroup of Users: View, Edit and Owner.For example, Administrators need the Edit p
Windows Accounts, SQL Server Logins, Active Directory accounts, and UNIX accounts. Secret Assistant A client side utility that interfaces with Secret Server to allow Users to automatically login to Web accounts. II. Secret Section 1. Secrets Secrets are individually named sets of sensitive information created from Secret Templates. Flexibility in
Biacore T200 Getting Started 28-9840-98 Edition AB 5 Biacore T200 Getting Started Biacore T200 Getting Started Introduction This Getting Started handbook is designed as a self-study guide to introduce you to the basic operations of BiacoreTM T200, Biacore T200 Control Software and Biacore T200 Evaluation Software.
Getting Started applies to the "PCS 7 Engineering Toolset V 6.0". Preface Process Control System PCS 7, Getting Started - Part 1 iv A5E00164244-01 Guide to the Manual Getting Started explains the individual steps required to create the "color_gs" project. You will find the most important background information required to
Getting Started with SIMOTION SCOUT TIA Getting Started Valid as of Version 4.5 11/2016 Preface Fundamental safety instructions 1 Getting Started with SIMOTION SCOUT TIA 2 Prepare the configuration 3 Create a project 4 Create SIMOTION device and configure online communication 5 Start SIMOTION SCOUT TIA 6 Download the project to the target system 7
6 – ABSYNTH 5 – Getting Started 1.2 The ABSYNTH 5 Documentation 1.2.1 In this Manual What you are holding in your hands right now is the Getting Started Manual which will give you an overview of ABSYNTH 5’s main features and functions. This Getting Started Manual is divided into four parts:
Categorical Data Analysis Getting Started Using Stata Scott Long and Shawna Rohrman cda12 StataGettingStarted 2012‐05‐11.docx Getting Started Using Stata – May 2012 – Page 2 Getting Started in Stata Opening Stata When you open Stata, the screen has seven key parts (This is Stata 12. Some of the later screen shots .
Time Matters 10.0 - New User Guide 8 Starting the Application Getting Started Getting Started Getting Started Getting Started
Getting Started with Oracle Data Integrator Getting Started 12c (12.2.1.3.0) E96509-02 March 2019 Oracle Data Integrator Getting Started This document provides instructions on how to
Existing Masonry Chimney Top outlet on stove Adaptor Inspection Bends 90 Tee 135 Tee Inspection Length Tee Cap Offset no greater than 45 Flexible Liner Installations show are by way of illustration only. Manufacturer's installation instructions should always be consulted before installation. Drawings courtesy of Schiedel Chimney Systems Wood Burning & Multi Fuel Stoves The stove should .
