Posts: 28
Threads: 5
Joined: Sep 2023
Reputation:
0
Currently when syncing objects from Thycotic server (Delinea) it will check out all secrets in the folder being syncd meaning that nobody else can check them out and they're exclusively in your name.
I'd like this to work where you can view a list of secrets available and only check out the ones that you select, leaving the rest checked in, like you would if you was using the PAM web interface.
Thanks.
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
Hi,
thanks for your suggestion - I just checked the API - there are optional parameters when reading the credentials
AutoCheckIn - AutoCheckOut - ForceCheckIn
Didn't know that in detail - would it make sense to try to use these parameters instead? We can try set AutoCheckOut = false - or if that do not work - to set ForceCheckIn = true
What do you think - Selecting credentials to sync can be also implemented, but would take some more time...
Regards/Gruss
Oliver
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
You can't test it currently - I see that the API supports that setting - we need to implement - I guess all customers before had this feature deactivated :-)
I will update you as soon I have something to test
Regards/Gruss
Oliver
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
Will give you access to preview version in the next days...
Regards/Gruss
Oliver
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
Send you PM with Download-Link
Regards/Gruss
Oliver
Posts: 28
Threads: 5
Joined: Sep 2023
Reputation:
0
I'm still experiencing issues with syncing these secrets, I have selected the folder that they're in but they're not showing in there.
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
What options are set for these secrets? I can ask if we can setup in our environment similar settings - but I need the exact setup of these secrets...
Regards/Gruss
Oliver
Posts: 28
Threads: 5
Joined: Sep 2023
Reputation:
0
They're set to require check out, checkout interval is 2 days, change password on check in set to yes, require comment set to yes.
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
I will try to setup the same in the next days - need to wait for our IT security team
Regards/Gruss
Oliver
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
Just to update you - I can reproduce your issue - now investigating how to solve that issue :-)
Regards/Gruss
Oliver
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
Now I would like to get your ideas on how to implement - if secrets are restricted we can't get the details without checkout / comment.
Would it be ok to set "Checkout" manually? Like a context menu "Checkout Secret" - then a dialog is displayed where to enter your comment - checkout is done - then you should be able to use that cred for connecting to any destination - afterwards you can select "Checkin" in context menu.
Regards/Gruss
Oliver
Posts: 28
Threads: 5
Joined: Sep 2023
Reputation:
0
Is there any update on this?
Posts: 10,982
Threads: 97
Joined: Aug 2006
Reputation:
198
Yes - the next main release will be published in the next days - and it is implemented
Regards/Gruss
Oliver
Posts: 28
Threads: 5
Joined: Sep 2023
Reputation:
0
Has the main release been published yet? If so can I have a link to this please?