Workflow to Add Systems and Accounts to Password Safe Management
There are three ways to add systems and accounts to Password Safe:
- Add the asset manually.
- Run a Discovery Scan and then import the assets using an address group or directory query.
- Use API scripts.
The following is a high-level overview of the steps required to add systems and accounts to be managed in Password Safe.
- Add the functional account: A functional account is one that can access the system with the privileges required to manage and change passwords for shared accounts on the system.
- Add the managed system: A managed system is a computer or device where one or more account passwords are to be maintained by Password Safe. Managed systems can be Windows machines, Unix/Linux machines, network devices, databases, firewalls, routers, iLO machines, and LDAP or Active Directory domains.
- Add the managed account: A managed account is an account on the managed system whose password is being stored and maintained through Password Safe. Typically, managed accounts are privileged accounts that can perform administrative tasks on the managed system.
- Configure managed system settings: After a system is added to Password Safe, configure settings that apply to the managed system.
- Set up role based access: Create user groups that permit users to:
- Log in to the Password Safe web portal.
- Assign Password Safe roles, such as Requester or Approver.
- Create access policies to permit accounts to access the systems, applications, and sessions, and to request password releases.