Viewing Secrets (and Managing Folders)
The secrets are displayed in the Management Tool on the Password Management page (on the Secrets tab), where the list of secrets is displayed in any selected folder and the secrets are stored (in the Tree-View folder structure displayed in the additional pane on the left) in the form of a grid which includes the following information in the corresponding columns:
• The Drag and drop to a folder () icon can be clicked to then drag & drop the secret (or all secrets) selected to any folder in the Tree-View folder structure (on the left).
NOTE: A secret can only be moved between folders by a user who has Owner Role Type permissions for the folder.
• : The Select checkbox (or the Select All checkbox in the column header) can be clicked () to select any number of the secrets listed, so as to then be able to manage multiple secrets simultaneously by using:
- The Bulk Action () button (above the grid) can be clicked and Delete selected (in the drop-down list) to delete all the selected secrets at once.
NOTE: A secret can only be deleted by a user who has the Owner Role Type permissions for the secret.
- All the secrets selected can be dragged & dropped to any folder in the Tree-View folder structure (on the left).
• Play: The icon can be clicked to open the Monitoring Results page, which will display a list of the sessions filtered by the secret concerned (i.e. a list of the sessions in which the secret was used).
• (Password Checkout): The Checked out () icon is displayed if the secret's password is currently checked out (i.e. if the secret is currently in use), and can be hovered over to display a hint showing:
- Username: The user that the secret's password is currently checked out by (i.e. which user is using the secret).
- Auto Check in: The date & time when the secret's password will be checked back in automatically (i.e. when the secret will become available for use by another user).
NOTE: The “Auto check in” date & time is only displayed if the “Check in automatically after” checkbox has been selected while configuring the secret.
• Secret Name: The name of the secret, with the Password Rotation Status icon also displayed next to the it (on the left), indicated by the color: (Enabled), (Disabled), or(Failed).
• Type: The type of secret (displayed in the hint by hovering over the icon).
• Added By: The name of the user who added the secret.
• Last User: The name of the user who last used the secret (to access the corresponding account by way of the Syteca Connection Manager).
• Last Usage Time: The data & time when the secret was last used (to access the corresponding account by way of the Syteca Connection Manager) by the user in the Last User column (above).
• Description: The description of the secret.
NOTE: As a root user, the built-in default admin user of Syteca has the Owner Role Type permissions for all secrets, and is therefore able to edit all secrets (and folders) added by other Syteca users.
Additionally, when hovering anywhere over any secret in the list (i.e. any row in the grid), the following icons are displayed (on the right, as shown in the screenshot above), which can be used as follows:
- The Move to another folder () icon can be clicked to move the secret to another folder in the Tree-View folder structure (on the left).
- The Audit secret () icon can be clicked to open the Audit Log page filtered by information about all user actions performed with the secret.
The Tree-View folder structure (in the pane on the left) displays all the folders that the user has either Owner or Editor Role Type permissions for, as well as the secrets in them (displayed in the grid in the main pane), and can be managed as follows:
• To change the currently selected folder (aka the "current folder", which is the All secrets folder by default, and is displayed with a rectangle around it), click on any other folder to display the secrets in it in the grid in the main pane.
• To add a new folder (in the currently selected folder, with a rectangular box around it in the Tree-View folder structure), click the New folder button (at the top of the Tree-View folder structure), and add the required users and permissions on the Permissions tab (in a similar way to when adding the users and permissions for a secret).
NOTE: Alternatively, the users / user groups who will be able to use the secret, along with their permissions, can be inherited from the parent folder if configured as required in this folder (except from the "All secrets" folder) by selecting the "Inherit users and their roles from current folder" checkbox (to inherit the users / user groups along with their Role Type permissions from the current folder) and the "Inherit advanced permissions from current folder" checkbox (to inherit the "Show Password" and "File Transfer" advanced permissions for the users / user groups from the current folder).
NOTE: Only users specifically added to the Management Tool as separate users, but not those only belonging to an Active Directory user group added, can add secrets/folders (please refer the Management Tool Issues and Error Messages page for more information).
• To move secrets between folders (only available for a user who has Owner Role Type permissions for the folder), either drag & drop any secret (from the grid in the main pane) into the required folder (in the Tree-View folder structure) or first select multiple secrets (by selecting the appropriate () checkboxes in the grid), and then drag & drop all the secrets at once into the required folder.
• To change the Tree-View folder structure (or the permissions for any folder, or to delete any folder), click the Edit () icon which is displayed when hovering over any folder (except the All secrets folder), and in the Edit Folder pop-up window that opens, move or delete the folder by clicking the appropriate buttons (on the Properties tab), or change the folder Role Type and advanced permissions (on the Permissions tab).
NOTE: Folders names in the format “My Secrets (<username>)” or "My Secrets (<domain name>\<username>)" are Workforce Password Management (WPM) folders, which contain WPM secrets.
To find a specific secret, enter its name (or part of its name) or Secret ID in the Search box (in the top right of the page).
To sort the secrets in the grid, click the required column header. You can change the column sort order from ascending to descending, and vice versa. To do this, click the Sort arrow in the corresponding column header on the right. If the data is not sorted by a column, the Sort arrow is not shown in the column header.
To filter the secrets in the grid, the following filters are available:
• Secret Type: Allows the filtering of secrets by type.
• Password Rotation Status: Allows the filtering of secrets by the password change status.
• Security: Allows the filtering of secrets by the status of the Password Checkout functionality:
- Checked out: Where the Requires checkout checkbox is selected, and the password is checked out (i.e. when the secret is being used by a user).
- Checkout not required: Where the Requires checkout checkbox is not selected (i.e. the Password Checkout functionality is not enabled).
- Requires checkout: Where the Requires checkout checkbox is selected, and the password is checked in (i.e. when the secret is not being used).