Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
PAM Secrets With Comments Unable to Use
#1
I'm unable to check out PAM secrets that require comments in order to check them out.

RRD version 16.0.8070.1

Password manager = Delinea Thycotic Secret Server.
Reply
#2
In API there is a field "autoComment" - we can set this field.

But currently I don't know when is a secret "checked out"? On sync of secrets we set "noAutoCheckout = true" to prevent it - when should be set a comment? I can add a field in Delinea Settings that is used on API-Calls - also autoCheckin, autoCheckout can be set - but need some more details when that make sense?!?
Regards/Gruss
Oliver
Reply
#3
(13-02-2024, 03:56 PM)DevOma Wrote: In API there is a field "autoComment" - we can set this field.

But currently I don't know when is a secret "checked out"? On sync of secrets we set "noAutoCheckout = true" to prevent it - when should be set a comment? I can add a field in Delinea Settings that is used on API-Calls - also autoCheckin, autoCheckout can be set - but need some more details when that make sense?!?

"Auotocomment" could be set when the secret is used to connect to a server, before this only display secret names as at the moment the folder appears blank even though there are secrets in the folder.

"autocheckin" / "autocheckout" - I don't think we need this, PAM checks secrets in by default based on a time period set in there.
Reply
#4
New option "AutoComment" integrated and used
Regards/Gruss
Oliver
Reply
#5
Empty folders - don't know what is causing your empty folders...
Regards/Gruss
Oliver
Reply
#6
(13-02-2024, 04:50 PM)DevOma Wrote: New option "AutoComment" integrated and used

Thanks, how do I access this version?
Reply
#7
I'm still facing this issue where the folder I'm syncing isn't displaying any secrets within it when sycned to RRD. It is syncing other folders but not this one, this is one where the secrets require a comment to check them out, not sure if this is related?

I'm using RRD 2024 version 17.0.8115.1.
Reply
#8
Could you please ensure you are using REST-API - in Settings=>Delinea Secret Server - and use the URL like I posted before - I think I have tested with both API's but would be a try to test it with REST-API

I have created in my test environment a folder with highest security template - and I can read this folder and secrets inside this folder now - the secrets are restricted, we check that and do not read the content of these items anymore unless you are checking them out - The restricted secrets are marked with new red image - and then you can "check out" these secrets and use it afterwards

You can only sync these restricted secrets with option "Only sync object names" - else it would check-out the secret by first read
Regards/Gruss
Oliver
Reply
#9
The URL I'm using is like this:

https://pamportal.%COMPANYNAME%.com/Secr...rvice.asmx
Reply
#10
Hi,

Yes of course, I have permissions in PAM to check out the secrets I'm trying to use.

This has since been resolved.

Thanks.
Reply




Users browsing this thread: 1 Guest(s)