Thycotic Secret Server Vault
Click here to view navigation pane

Thycotic Secret Server Vault

A Thycotic Secret Server vault is where you provide us with the login credentials needed to access your Thycotic Secret Server environment.

Webservices must be enabled in Secret Server. How do I do this?Webservices must be enabled in Secret Server. How do I do this?

The Webservices option must be enabled in the Secret Server Administration user interface for scanner integration to work over the HTTP or HTTPS protocols. This option is not enabled by default within the Thycotic Secret Server environment.

Follow these steps to enable the Webservices option:

1) Log in to the Thycotic Secret Server Administration interface.

2) Go to Administration > Configuration.

3) Click Edit to change configuration settings.

4) On the General tab, select "Enable Webservices".

5) Click Save.

 

How to Use Vaults

Click here and we'll walk you thru the steps. Add IP addresses to scan, configure scanner appliances, configure vaults and authentication records, set up option profiles and start scanning!

 

Vault Credentials

These credentials may be defined for your Thycotic Secret Server vault.

URL  Enter the URL to the Secret Server webservices. The URL may use http or https. The URL may contain a maximum of 256 characters, and must not contain multibyte characters. The scanner appliance must be able to access vault endpoints for successful retrieval of credentials. Please refer to the Thycotic Secret Server documentation for how to format the webservices URL endpoint for your specific vault instance.

User Name / Password  The Secret Server user must have access to the secret names to be used for authentication.

Domain  Provide a fully qualified domain name if Secret Server is integrated with Active Directory. The domain may contain a maximum of 128 characters, and must not contain any multibyte characters.

 

Authentication Record

Choose the Thycotic Secret Server vault in your authentication record and provide the secret name.

Secret Name  Enter the secret name that contains the password to be used for authentication. The scanning engine will perform a search for the secret name and then get the password from the secret returned by the search. A single exact match of the secret name must be found in order for authentication to be successful. The secret name may contain a maximum of 256 characters, and must not contain multibyte characters.

 

User Permissions

A Manager user has permission to configure a Thycotic Secret Server vault. A Unit Manager can be granted this permission.