In order to manage the passwords of your privileged accounts, you should add your end points as resources in Password Manager Pro (PMP). We use the term "resource" to denote any server, application, network device or an appliance that contains user accounts and passwords.
Addition of resources to be managed in your setup falls under two steps:
Step 1: Adding Resource Details
There are three ways to add a resource in PMP :
- Add Manually
- Import From File
- Import From KeePass
- Click the Resources tab on the left.
- Click the Add Resource drop-down menu, and select "Add Manually" as shown below.
- In the next screen that appears, follow the below steps to fill in the details.
- In the Resource Name field, enter the name of the resource you want to add. This name uniquely identifies a resource in PMP and therefore, must be distinct, as no two resources can have the same name. This field is mandatory as its value is used by PMP to identify the resources while performing various operations including password management.
- Enter the DNS Name or IP Address of the resource against DNS Name/IP Address field. Although this field is not a requisite for adding a resource, it is mandatory to have a valid DNS name or IP address to perform remote operations like remote password reset, account discovery and one-click login.
- In the "Resource Type" field, choose the type of your resource from the drop-down menu (the default value will be "Windows"). Based on the resource type, PMP uses unique procedures for password resets. For example, the password reset mechanism of Windows is not the same as that of Linux or Mac. This field also helps to organize your resources based on their type.
Add a custom resource type: You can also add a custom resource type by clicking the Add New option beside this field. You can enter a customized resource type in the next screen, such as an App or a printer (as mentioned earlier, anything that has a username and a password can be a resource! ), and then click the Add button as shown below.
- In the "Group Name" field, choose the name of the group you want to add this resource into, from the drop-down menu. For example, you can add all the Windows servers or Linux servers to a single resource group. You can also add a new group here by clicking the Add New option, giving a group name and clicking Add, and then choosing the same from the drop-down. Otherwise, you can leave this field to the default value (Default Group). For more info on resource groups and how to create one, click here.
- "Description", "Department" and "Location" are not mandatory fields. These may or may not be filled based on your choice, but having these fields populated with the correct values will be helpful for searching and grouping the resources.
- If you are adding a domain controller with the resource type as WindowsDomain, please provide the domain NETBIOS name in the Domain Name field. This is required for Windows Service Account Reset feature.
- Fill the Resource URL field if you are adding a web application or a website as a resource. In this case, the resource type would be Web Site Accounts. If you want to access any web-based resource, you can simply specify the full URL for the same in this field, for example, https://sso.godaddy.com. This value will be used for the auto-fill feature that works with the help of our browser extensions (Chrome, Firefox and IE).
- Choose the required Password Policy from the drop-down menu. When PMP randomly generates passwords for accounts, they will be in compliance to the policy you choose here.
- Click Save in order to add the resource.
Note : Clicking Save and Proceed will add the resource and open a dialog box that will prompt you to add the corresponding user accounts to that resource.To know how to add user accounts to the resource you've just added, refer the next section (Adding Account Details - step 3).
Can others see the resources added by me?
Except super administrators (if configured in your PMP set up), no one, including admin users will be able to see the resources added by you. Apart from this, if you decide to share your resources with other administrators, they will be able to see them.
Please refer to Importing Resources to know more about importing resources from Files and KeePass.
Step 2: Adding Account Details
The second step is to add all the user accounts under this resource and their passwords, that are to be managed by PMP. Below are the steps to do so.
- Click the Resources tab on the left.
- Choose the resource you want to add an account to. In the drop-down menu for "Resource Actions", click Add accounts as shown below.
You can also add an account to a resource by clicking the resource, and then clicking Add as shown below.
In either case, you will see a dialog box as shown below.
- In the "User Account" field, enter the name of the account you want PMP to manage the password for. Each account is unique under a single resource, i.e., no two accounts can have the same name under a particular resource. This field is mandatory.
- In the "Password" field, either enter the password of the account manually if you know it, or generate a password using the 'Generate Password' tool beside this field. If you are entering the password manually, it should be in compliance with the "Password Policy" you had set for the resource.
- Confirm the password by re-entering the password.
- Select the required Password Policy for the account - Strong, Medium or Low. The password policy is maintained at device level(while adding the resource) and account level(at this step), and the value of this field in account level can override the value of password policy set for the resource at the device level. Password Manager Pro's password generator generates passwords based on this policy. Apart from the default password policies, you can also create custom policies based on your needs.You can learn more about creating custom password policies here.
- In the "Notes" field, enter any particular details of the account you are adding. This field is useful (though not mandatory) as it will also be searched through when you search for a particular account in PMP's search tool.
- Click Add, which will list this account in the table below on the same page, under User accounts column.
- You can add any number of accounts under a particular resource by following the above steps. All these accounts will then be listed in the table below under "User Accounts" column.
- Click Save.
Important Note: If you want to enable password reset in remote systems, make sure that the passwords you enter in this step and the ones in the actual target systems are the same. Password Manager Pro uses these credentials to log in to the target systems for resetting the password, and if the passwords are wrong, the password reset will not happen.
This will add the required user account(s) and password(s) to the resource. Users who are authorized to access the resource will be able to view the information.
PMP also allows its users to store passwords for other types of sensitive data like files, images and documents.
Storing Digital Certificates, Licence Keys, Files, Documents, Images, etc.
Different file types could be securely stored in the Password Manager Pro repository along with the passwords. To store a license key, certificate, document, etc., you need to select the 'Resource Type' as explained below:
By default, Password Manager Pro supports the following file stores:
Certificate store: to store any private / public keys, digital certificates and digital signature files
License key store: to store any software license keys
File store: to store any digital content (documents, pictures, executables etc)
You can create any new resource type as per your requirements.
Resources of the above types are managed and shared the same way as other resources. During retrieval, a link to the file is provided for it to be saved locally to the disc.