× Welcome to the Centrify Community! New to the Community? Start Here.

What role is required so everyone can use password vault
Turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Do you mean 
Reply
SD810161
Participant III
SD810161
Posts: 11
Registered: ‎10-10-2018
#1 of 7 917

What role is required so everyone can use password vault

‎12-03-2018 11:25 AM

We are currently using Centrify cloud for all SSO and recently enabled password vault to store ID's and password for admin's.  Now we want to enable it so all users who may have a priviledged ID for online apps or other applications can store those ID's and password in Centrify. 

 

What role can I grant to all non-centrify admins to grant them access to Secrets / Domain accounts to be able to add ID's and passwords for Id's they own.

 

Thanks in advance.

Report Inappropriate Content
Reply
0 Kudos
Highlighted
Centrify Guru I
Centrify Guru I
Robertson
Posts: 2,433
Registered: ‎07-26-2012
#2 of 7 912

Re: What role is required so everyone can use password vault

[ Edited ]

‎12-03-2018 03:48 PM

@SD810161

 

For Applications (Web Apps) - Idaptive:  No role is required.  Everyone can add their own user/password apps and use the password wallet.  That's part of the basic SKU.

user-portal.png

 

For Infrastructure (Systems, Accounts, Secrets, etc) - Centrify:  Use the Privilege Access Service User right for the role that will contain the users.  I am not sure how you licensed the product, but there are cost implications of that move.

 

psu.PNG

 

R.P

 

 

Want to learn more about practical Centrify examples? Check out my blog at http://centrifying.blogspot.com
Follow Centrify:
Report Inappropriate Content
Reply
0 Kudos
SD810161
Participant III
SD810161
Posts: 11
Registered: ‎10-10-2018
#3 of 7 834

Re: What role is required so everyone can use password vault

‎12-20-2018 06:31 AM

I created a new role and added Privilege Access Service User permissions to the role.  I then added user to that role but the user cannot see the admin portal in the dropdown after they login. 

Report Inappropriate Content
Reply
0 Kudos
Centrify Guru I
Centrify Guru I
Robertson
Posts: 2,433
Registered: ‎07-26-2012
#4 of 7 830

Re: What role is required so everyone can use password vault

‎12-20-2018 06:37 AM

Refresh the browser or reload the rights.

If you assigned by way of AD group membership, make sure changes in your directory have been replicated.

Want to learn more about practical Centrify examples? Check out my blog at http://centrifying.blogspot.com
Follow Centrify:
Report Inappropriate Content
Reply
0 Kudos
SD810161
Participant III
SD810161
Posts: 11
Registered: ‎10-10-2018
#5 of 7 779

Re: What role is required so everyone can use password vault

‎12-21-2018 11:27 AM

Thanks the info.  The reload worked and the user can switch to admin portal and look at the accounts, but they still don't have the Add button available to add new secrets or accounts.

 

Is that a different role?

 

Report Inappropriate Content
Reply
0 Kudos
SD810161
Participant III
SD810161
Posts: 11
Registered: ‎10-10-2018
#6 of 7 549

Re: What role is required so everyone can use password vault

‎01-14-2019 08:05 AM

Is there a role different from being able to view?

Report Inappropriate Content
Reply
0 Kudos
Centrify Guru I
Centrify Guru I
Robertson
Posts: 2,433
Registered: ‎07-26-2012
#7 of 7 542

Re: What role is required so everyone can use password vault

‎01-14-2019 12:51 PM

What’s your requirement?
Please use examples.

All role profiles: https://docs.centrify.com/Content/CoreServices/UsersRoles/AdministrativeRights.htm
Want to learn more about practical Centrify examples? Check out my blog at http://centrifying.blogspot.com
Follow Centrify:
Report Inappropriate Content
Reply
0 Kudos