PUT ManagedSystems/{id}

Purpose

Updates an existing managed system by ID.

PUT ManagedSystems/{id} supports all managed system types: dynamic asset, static asset, dynamic database, static database, directory, and cloud.

Required permissions

Password Safe System Management (Read/Write).

URL parameters

id: ID of the managed system.

Query parameters

Version: (optional, default: 3.0) Request body model version (3.0, 3.1, 3.2, 3.3)

Request body (version 3.0)

Content-Type: application/json

{
    WorkgroupID : int,

    HostName : string,

    IPAddress : string,
    DnsName : string,
    InstanceName : string,
    IsDefaultInstance : bool, // can be null
    Template : string,
    ForestName : string,
    UseSSL : bool, // can be null

    PlatformID : int,
    NetBiosName : string,
    ContactEmail : string,
    Description : string,
    Port : int, // can be null
    Timeout : short,
    SshKeyEnforcementMode : int, // can be null
    PasswordRuleID : int,
    DSSKeyRuleID : int, // can be null
    LoginAccountID : int, // can be null
    ReleaseDuration : int,
    MaxReleaseDuration : int,
    ISAReleaseDuration : int,
    AutoManagementFlag : bool,
    FunctionalAccountID : int, // can be null
    ElevationCommand : string, // can be null
    CheckPasswordFlag : bool,
    ChangePasswordAfterAnyReleaseFlag : bool,
    ResetPasswordOnMismatchFlag : bool,
    ChangeFrequencyType : string,
    ChangeFrequencyDays : int,
    ChangeTime : string,
    AccessURL : string
}

Request body (version 3.1)

Content-Type: application/json

{
    WorkgroupID : int,

    HostName : string,

    IPAddress : string,
    DnsName : string,
    InstanceName : string,
    IsDefaultInstance : bool, // can be null
    Template : string,
    ForestName : string,
    UseSSL : bool, // can be null

    PlatformID : int,
    NetBiosName : string,
    ContactEmail : string,
    Description : string,
    Port : int, // can be null
    Timeout : short,
    SshKeyEnforcementMode : int, // can be null
    PasswordRuleID : int,
    DSSKeyRuleID : int, // can be null
    LoginAccountID : int, // can be null
    ReleaseDuration : int,
    MaxReleaseDuration : int,
    ISAReleaseDuration : int,
    AutoManagementFlag : bool,
    FunctionalAccountID : int, // can be null
    ElevationCommand : string, // can be null
    CheckPasswordFlag : bool,
    ChangePasswordAfterAnyReleaseFlag : bool,
    ResetPasswordOnMismatchFlag : bool,
    ChangeFrequencyType : string,
    ChangeFrequencyDays : int,
    ChangeTime : string,
    RemoteClientType : string,
    AccessURL : string
}

Request body (version 3.2)

Content-Type: application/json

{
    WorkgroupID : int,
    HostName : string,
    IPAddress : string,
    DnsName : string,
    InstanceName : string,
    IsDefaultInstance : bool, // can be null
    Template : string,
    ForestName : string,
    UseSSL : bool, // can be null
    PlatformID : int,
    NetBiosName : string,
    ContactEmail : string,
    Description : string,
    Port : int, // can be null
    Timeout : short,
    SshKeyEnforcementMode : int, // can be null
    PasswordRuleID : int,
    DSSKeyRuleID : int, // can be null
    LoginAccountID : int, // can be null
    ReleaseDuration : int,
    MaxReleaseDuration : int,
    ISAReleaseDuration : int,
    AutoManagementFlag : bool,
    FunctionalAccountID : int, // can be null
    ElevationCommand : string, // can be null
    CheckPasswordFlag : bool,
    ChangePasswordAfterAnyReleaseFlag : bool,
    ResetPasswordOnMismatchFlag : bool,
    ChangeFrequencyType : string,
    ChangeFrequencyDays : int,
    ChangeTime : string,
    RemoteClientType : string,
    ApplicationHostID : int, // can be null
    IsApplicationHost : bool,
    AccessURL : string
}

Request body (version 3.3)

Content-Type: application/json

{
    WorkgroupID : int,
    HostName : string,
    IPAddress : string,
    DnsName : string,
    InstanceName : string,
    IsDefaultInstance : bool, // can be null
    Template : string,
    ForestName : string,
    UseSSL : bool, // can be null
    PlatformID : int,
    NetBiosName : string,
    ContactEmail : string,
    Description : string,
    Port : int, // can be null
    Timeout : short,
    SshKeyEnforcementMode : int, // can be null
    PasswordRuleID : int,
    DSSKeyRuleID : int, // can be null
    LoginAccountID : int, // can be null
    ReleaseDuration : int,
    MaxReleaseDuration : int,
    ISAReleaseDuration : int,
    AutoManagementFlag : bool,
    FunctionalAccountID : int, // can be null
    ElevationCommand : string, // can be null
    CheckPasswordFlag : bool,
    ChangePasswordAfterAnyReleaseFlag : bool,
    ResetPasswordOnMismatchFlag : bool,
    ChangeFrequencyType : string,
    ChangeFrequencyDays : int,
    ChangeTime : string,
    RemoteClientType : string,
    ApplicationHostID : int, // can be null
    IsApplicationHost : bool,
    AccessURL : string
}

Request body details

  • WorkgroupID: ID of the Workgroup.
  • HostName: (required) Name of the host (applies to Static Asset, Static Database, Directory, Cloud). Max string length is 128 characters.
    • Static Asset: Asset Name.
    • Static Database: Database Host Name.
    • Directory: Directory/Domain Name.
    • Cloud: Cloud System Name.
  • IPAddress: IPv4 address of the host (applies to Static Asset, Static Database).
  • DnsName: DNS name of the host (applies to Static Asset, Static Database).
  • InstanceName: Name of the database instance. Required when IsDefaultInstance is false (applies to Static Database only).
  • IsDefaultInstance: True if the database instance is the default instance, otherwise false. Only Platforms MS SQL Server and MySQL support setting this value to true (applies to Static Database only).
  • Template: The database connection template (applies to Static Database only).
  • ForestName: Name of the Directory Forest (applies to Directory only).
  • UseSSL (default: false) True to use an SSL connection, otherwise false (applies to Directory only).
  • PlatformID: (required) ID of the Managed System Platform.
  • NetBiosName: The NetBIOS name of the host. Can be set if Platform.NetBiosNameFlag is true.
  • Port: (optional) The port used to connect to the host. If null and the related Platform.PortFlag is true, Password Safe uses Platform.DefaultPort for communication.
  • Timeout: (seconds, default: 30) Connection timeout. Length of time in seconds before a slow or unresponsive connection to the system fails.
  • SshKeyEnforcementMode: (default: 0/None) Enforcement mode for SSH host keys.
    • 0: None.
    • 1: Auto - Auto Accept Initial Key.
    • 2: Strict - Manually Accept Keys.
  • PasswordRuleID: (default: 0) ID of the default Password Rule assigned to Managed Accounts created under this Managed System.
  • DSSKeyRuleID: (default: 0) ID of the default DSS Key Rule assigned to Managed Accounts created under this Managed System. Can be set when Platform.DSSFlag is true.
  • LoginAccountID: (optional) ID of the Functional Account used for SSH Session logins. Can be set if the Platform.LoginAccountFlag is true.
  • ReleaseDuration: (minutes: 1-525600, default: 120) Default release duration.
  • MaxReleaseDuration: (minutes: 1-525600, default: 525600) Default maximum release duration.
  • ISAReleaseDuration: (minutes: 1-525600, default: 120) Default Information Systems Administrator (ISA) release duration.
  • AutoManagementFlag: (default: false) True if password auto-management is enabled, otherwise false. Can be set if Platform.AutoManagementFlag is true.
    • FunctionalAccountID: (required if AutoManagementFlag is true) ID of the Functional Account used for local Managed Account password changes. FunctionalAccount.PlatformID must either match the ManagedSystem.PlatformID or be a Directory Platform (AD, LDAP).
    • ElevationCommand: (optional) Elevation Command to use. Can be set if Platform.SupportsElevationFlag is true.
      • sudo
        • pbrun
        • pmrun
  • CheckPasswordFlag: True to enable password testing, otherwise false.
  • ChangePasswordAfterAnyReleaseFlag: True to change passwords on release of a request, otherwise false.
  • ResetPasswordOnMismatchFlag: True to queue a password change when scheduled password test fails, otherwise false.
  • RemoteClientType: (default: none) The type of remote client to use.
    • None: No remote client.
    • EPM: Endpoint Privilege Management.
  • ApplicationHostID: (default: null, required when Platform.RequiresApplicationHost = true) Managed system ID of the target application host. Must be an ID of a managed system whose IsApplicationHost = true.
  • IsApplicationHost: (default: false) True if the managed system can be used as an application host, otherwise false. Can be set when the Platform.ApplicationHostFlag = true, and cannot be set when ApplicationHostID has a value.
  • AccessURL: (default: Default URL for the selected platform) The URL used for cloud access (applies to cloud systems only). Max string length is 2048.

Response body

Content-Type: application/json

{
    WorkgroupID : int,
    ManagedSystemID : int,
    EntityTypeID: int,
    AssetID : int, // can be null
    DatabaseID : int, // can be null
    DirectoryID : int, // can be null
    CloudID : int, // can be null

    HostName : string,
    IPAddress : string,
    DnsName : string,
    InstanceName : string,
    IsDefaultInstance : bool, // can be null
    Template : string,
    ForestName : string,
    UseSSL : bool, // can be null

    SystemName : string,
    PlatformID : int,
    NetBiosName : string,
    ContactEmail : string,
    Description : string,
    Port : int, // can be null
    Timeout : short,
    SshKeyEnforcementMode : int, // can be null
    PasswordRuleID : int,
    DSSKeyRuleID : int, // can be null
    LoginAccountID : int, // can be null
    AccountNameFormat : int,
    OracleInternetDirectoryID : guid, // can be null
    OracleInternetDirectoryServiceName : string,
    ReleaseDuration : int,
    MaxReleaseDuration : int,
    ISAReleaseDuration : int,
    AutoManagementFlag : bool,
    FunctionalAccountID : int, // can be null
    ElevationCommand : string, // can be null
    CheckPasswordFlag : bool,
    ChangePasswordAfterAnyReleaseFlag : bool,
    ResetPasswordOnMismatchFlag : bool,
    ChangeFrequencyType : string,
    ChangeFrequencyDays : int,
    ChangeTime : string,
    RemoteClientType : string,
    ApplicationHostID : int, // can be null
    IsApplicationHost : bool,
    AccessURL : string
}

Response body details

  • ManagedSystemID: ID of the managed system.
  • AssetD: Asset ID; set if the managed system is an asset or a database.
  • DatabaseID: Database ID; set if the managed system is a database.
  • DirectoryID: Directory ID; set if the managed system is a directory.
  • CloudID: Cloud system ID; set if the managed system is a cloud system.
  • SystemName: Name of the related entity (asset, directory, database, or cloud).
  • PlatformID: ID of the managed system platform.
  • NetBiosName: (Managed domains only) Domain NetBIOS name. Setting this value will allow Password Safe to fall back to the NetBIOS name if needed.
  • Port: The port used to connect to the host. If null and the related Platform.PortFlag is true, Password Safe uses Platform.DefaultPort for communication.
  • Timeout: (seconds) Connection timeout. Length of time in seconds before a slow or unresponsive connection to the system fails.
  • SshKeyEnforcementMode: Enforcement mode for SSH host keys.
    • 0: None.
    • 1: Auto. Auto accept initial key.
    • 2: Strict. Manually accept keys.
  • PasswordRuleID: ID of the default password rule assigned to managed accounts created under this managed system.
  • DSSKeyRuleID: ID of the default DSS key rule assigned to managed accounts created under this managed system.
  • LoginAccountID: ID of the functional account used for SSH session logins.
  • ReleaseDuration: (minutes: 1-525600) Default release duration.
  • MaxReleaseDuration: (minutes: 1-525600) Default maximum release duration.
  • ISAReleaseDuration: (minutes: 1-525600) Default Information Systems Administrator (ISA) release duration.
  • AutoManagementFlag: True if password auto-management is enabled, otherwise false.
    • FunctionalAccountID: ID of the functional account used for local managed account password changes.
    • ElevationCommand: Elevation command to use (sudo, pbrun, pmrun).
    • CheckPasswordFlag: True to enable password testing, otherwise false.
    • ChangePasswordAfterAnyReleaseFlag: True to change passwords on release of a request, otherwise false.
    • ResetPasswordOnMismatchFlag: True to queue a password change when scheduled password test fails, otherwise false.
    • ChangeFrequencyType: The change frequency for scheduled password changes:
      • first: Changes scheduled for the first day of the month.
      • last: Changes scheduled for the last day of the month.
      • xdays: Changes scheduled every x days (see ChangeFrequencyDays).
    • ChangeFrequencyDays: (days: 1-90) When ChangeFrequencyType is xdays, password changes take place this configured number of days.
    • ChangeTime: (24hr format: 00:00-23:59) UTC time of day scheduled password changes take place.
  • RemoteClientType: The type of remote client to use.
    • None: No remote client.
    • EPM: Endpoint Privilege Management.
  • ApplicationHostID: Managed system ID of the target application host. Must be an ID of a managed system whose IsApplicationHost = true.
  • IsApplicationHost: True if the managed system can be used as an application host, otherwise false. Can be set when the Platform.ApplicationHostFlag = true, and cannot be set when ApplicationHostID has a value.
  • AccessURL: The URL used for cloud access (applies to cloud systems only).

Response codes

200 - Request successful. Managed System in response body.

For more information, please see Common response codes.