To view the accounts that are part of a resource, go to the "Resources" tab and click the particular resource name. The accounts would be displayed.
By default, passwords are shown in hidden form behind asterisks. Just click the asterisks to view the password in plain text. The passwords are shown for 10 seconds only. After that, they will be automatically hidden. If you want to view, you need to click again. If you want to modify the default 10 seconds, you can do so from General Settings.
By default, when a user tries to retrieve the password of a resource, on clicking the asterisks, the passwords appear in plain text. If you want to force your users to provide a reason why access to the password was needed, you can enable the option "Force users to provide reason while retrieving the passwords" in General Settings.
Through the auto logon feature, PMP provides the option to establish direct connection to the resource eliminating the need for copy-paste of passwords. By default, password users and auditors will be able to retrieve the passwords that are shared with them. If auto logon is configured, they might not need access to the passwords. In such cases, you can take a decision on allowing/restricting access to passwords and implement the same through the option "Allow password users and auditors to retrieve passwords for which auto logon is configured" in General Settings.
PMP leverages clipboard utility of browsers to copy passwords when you intend to copy and paste passwords. Click the copy icon present by the side of the passwords to copy them. The copied passwords will be available for pasting for 30 seconds.
To change the passwords of user accounts, click the "Change Password" icon against the account name. In the UI that pops-up, enter the new password and confirm the same and then click "Save". Here, password policy set by the administrator for this resource would get enforced. For example, if the administrator has set "Strong" as the password policy, you would be allowed to change the password only if you enter a password which is strong enough in accordance with the PMP settings.
If your account belongs to any of the types - Windows, Windows Domain, Linux, IBM AIX, HP UNIX, Solaris, Mac OS, MS SQL server and Cisco Devices (IOS, CatOS, PIX), you have the option to synchronize the new password in the remote resource too. In this case, if there is a failure in updating the password in the resource, password changes will not be saved locally also.
(Feature available only in Premium Edition)
Passwords of resources such as servers, databases, network devices and other applications are stored in PMP. It is quite possible that someone who have administrative access to these resources could access the resource directly and change the password of the administrative account. In such cases, the password stored in PMP would be outdated and will not be of use to the users who access PMP for the password. PMP provides option for checking the validity of passwords at any point of time on demand and also at periodic intervals.
On demand verification for password validity could be performed for a single account or for all the resources/accounts stored in the PMP application.
To verify the integrity of the password of a single account,
Go to "Resources" or "Home" tab
Select the account whose password has to be verified for synchronization
Click the verify password icon present next the 'change password' icon
PMP will try to establish connection with the target system. Once the connection is established, it tries to login with the credentials stores in PMP. If login does not succeed, PMP concludes that the password is out of sync. In case, PMP is not even able to establish connection with the system due to some network problem, it will not be taken as password out of sync.
Note: Password Verification will work only for the accounts for which 'Remote password reset' has been enabled.
To verify all the passwords stored in PMP,
Go to "Reports" tab >> "Password Integrity" report
Click the link "Run Integrity Check"
PMP will try to establish connection with the target systems for all the accounts for which remote password reset has been enabled. Once the connection is established, it tries to login with the credentials stores in PMP. If login does not succeed, PMP concludes that the password is out of sync. In case, PMP is not even able to establish connection with the system due to some network problem, it will not be taken as password out of sync. A consolidated notification would be emailed to all the administrators and auditors.
At any point of time, you can edit the details of any of the accounts. To edit an account, go to the "Resources" tab, click the resource of which the account is a part and the click the "Edit" icon present against the account name. In the UI that pops-up, edit the required property and click "Save". The required change will get reflected in the view.
A single account or multiple accounts could be copied and added under one or more resources. The replicated accounts could then be edited to suit your requirements. When you want to have the same identical accounts under many resources, this will help in adding the accounts with ease. The copying operation does not affect the account being copied in anyway.
To copy one or more accounts, go to the "Resources" tab, click the resource of which the account is a part and select the account or accounts to be copied. Then click the "Copy" button. In the UI that pops-up, you can choose to inherit the share permissions also (the new account will also be shared with all those who had permission to view the parent account). You can also specify the number of copies required. The account(s) will appear under the selected resource(s).
A single account or multiple accounts part of this resource could be moved under another resource. When you do so, the selected account(s) will be removed from the present resource.
To move one or more accounts, go to the "Resources" tab, click the resource of which the account is a part and select the account or accounts to be moved. Then click the "Move" button. In the UI that pops-up, you can choose to Move the share permissions also (the new account will also be shared with all those who had permission to view the account being moved). The account(s) will be removed from the present resource and it will appear under the selected resource(s).
The history of changes done to the passwords are captured in the form of password history. Information such as the old password, modified by whom, from which machine and the time at which it was modified are all captured in history. To view password history of an account, go to the "Resources" tab, click the resource of which the account is a part and the click the icon present beside the "Last Modified" column. In the UI that pops-up, password history would be displayed.
©2014, ZOHO Corp. All Rights Reserved.