[Password Manager Pro Masterclass] Infusing PAM in your IT security compliance journey.
Hi there, Our next topic for the Password Manager Pro Masterclass 2019 series is "Infusing PAM in your IT security compliance journey," scheduled for December 05th. Click here to register for the session. This session will focus on implementing a mature PAM strategy that ensures regulatory compliance through robust access controls and comprehensive auditing of those controls. In this Masterclass session, you'll learn how to: 1. Achieve compliance with privileged access control and management
Enforce / Require (additional) fields to be filled out
Hello, when creating new resources, there is only one required field (resource name) to be filled out. I could not find an option to set required fields for new resources. We would like to enforce specific fields to be filled out when creating a new resource. As we are using dynamic groups and filter on specific fields, we need to enforce those fields to be filled out, otherwise users might forget to fill them out and as a result, some dynamic groups might miss some resources. Is there already such
Duplicate groups are being created
I have a problem where users are creating a new resource and select a group under the drop down list for group names. However when they do this, a new group gets created and added to PMP. For example: 1. I have a resource called "Applications" which contains 10 resources. 2. Another user (Joe Bloggs) creates a new resource and under group name they select "Applications". 3. In PMP under Password Explorer pane I can see a new item appear called Joe Bloggs's Group and under that is another group
Password Manager Pro disaster recovery.
Currently working on some disaster recovery documentation for our Password Manager Pro HA configuration. I am wondering, what are the options to recover a primary server in the event that the infrastructure it is running on is gone completely? Is there a way to promote a secondary server in an HA setup to be the primary server? Would it be recommended building a completely new server and do a restore from backup? Other options? Looking for opinions to add to our discussion at work. Thanks ahead of
Pulling in service accounts with domain\username format.
I am attempting to pull in service accounts. I am successful with accounts that are in the username@domain format, but not successful with accounts with the domain\username format. Has anyone encountered this? Joe
how to grand access to just one account.
Hi, In a resource there are several accounts combined. But a user needs access to just one (1) account the other accounts should be hidden. How can I do this? The resource is discovered automatically.
[Password Manager Pro Masterclass] Leverage contextual integrations to go beyond traditional PAM.
Hi there, In the previous Masterclass session, we learned how to automate communication between business applications and DevOps tools without compromising on password security. Here's the video recording of the session for your reference. The next session will focus on leveraging your PAM strategy by integrating with other IT management solutions in your environment, and extending PAM beyond its typical capabilities. Password Manager Pro Masterclass Leverage contextual integrations to go
Storing SSH keys outside PMP
There should be an option to have new rotated SSH keys send to an external source via SFTP or some secure login. Just in case HA failed for some reason and we lost the Primary we still have the keys to rebuild from scratch.
Resource Discovery not working correctly
When trying Discover a Resource (Domain connected computer) the resource is imported with the wrong name and does not work when trying to discover accounts. I followed the instructions provided for Resource Discovery and input the Domain Name, Primary and Secondary Domain Controllers, SSL connection mode, supplied the credentials of the account being used on the PMP Server running the PMP Service, and specified the Resource to Import: (the computer name). When the resource imported it has the correct
Updating JRE
Hi, as part of keeping our servers up to date I need to update to the JRE (1.8.231) on the server that have Password Manager Pro installed and was wondering if its necessary to do something special since I know it uses it -or- just go for it. I was reading this article but is 7 years old, so wanted to confirm if same steps needs to be taken or if that changed: https://pitstop.manageengine.com/portal/community/topic/updating-java Thanks in advance and regards, J
Importing resouces using csv file
Hi, While importing resources via csv file, the column headers are also imported into PMP. Am I doing it in the correct way? For example, if the csv has headers - resource name,user account, resource name and user account is also created as a resource in PMP. Regards, Khirthana
IT analytics in 90 seconds: Monitor your inactive privileged users to mitigate security risks
Leverage Analytics Plus to stay on top of suspicious activities from your inactive privileged users. If you're not already using Analytics Plus, download your free, 30-day trial today.
How to disable weak ssl ciphers
How to disable weak ssl ciphers such as: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Can only share one certificate at a time...
I need to share a lot of certificates with users and user groups...In PMP an user can only share one certificate at time.
Find resources shared with users
Hi there, I have completed a migration of PMP on site instance to PMP in AWS. It looks like there are a number of users who were given access to resources individually rather than via groups. I can easily locate who access to resources if shared to a user group but is there a way to do the same if the resource is shared with a user? I have been going through the various tables in the database to find what I need but there is nothing there. Thank you. Gareth
Groups view not working after upgrade to 9.7
The groups view does not work anymore when I'm connected through ad auhtentication and being a SuperAdministrator. The url https://XXX:7272/SuperGroupView.ec?USERNAME=DOMAIN\user&LOGINID=1502 returns a 400 bad request code. If I try the same url by removing the domain it works: https://XXX:7272/SuperGroupView.ec?USERNAME=user&LOGINID=1502 It only fails when having the SuperAdministrator right.
IT analytics in 90 seconds: Stay on top of unusual behavior in your privileged accounts
Watch over every abnormal user activity in your privileged accounts, and catch malicious behavior using Analytics Plus reports. If you're not already using Analytics Plus, download your free, 30-day trial today.
[Password Manager Pro Masterclass] Facilitating automation in your DevOps pipeline and application communications without credential embedding.
Hi there, Our next topic for the Password Manager Pro Masterclass series is "Facilitating automation in your DevOps pipeline and application communications without credential embedding," scheduled for November 07th. Click here to register for the session. In this Masterclass session, you'll learn how to: 1. Leverage Password Manager Pro's secure APIs for application-to-application password management—SSH-CLI, XML-RPC, and REST 2. Integrate with various CI/CD tools such as Jenkins, Ansible,
Clearing Password Alerts
Password Alerts How do we clear all these alerts? We dont do password SYNC, Expired, or have minimum requirements. Is there any way to bulk fix this?
Stop Users from exporting passwords, but not admins
So it turns out that someone in the role "Password User" can export all the passwords they have access to. This stunned me as I thought PMP was supposed to be about securing passwords!! I found in the admin > export\offline access options there is a way to prevent this, however it also stops super admins (ie. me) from exporting passwords which seems odd. I have unchecked the option to export all passwords but how do I configure it so that super admins can export, but not password admin, password
IT analytics in 90 seconds: Easily detect security breaches in your privileged accounts
Spot security breaches easily by monitoring user authentication records with Analytics Plus. If you're not already using Analytics Plus, download your free, 30-day trial today.
Password Expiry Date in the past but still says valid!!
Hi all, We have some passwords in our system where there is 1 resource with multiple accounts within it. We add all passwords manually and dont use auto logon or auto change. Passwords entered into PMP have no connection with the actual server/account they are for. Our password policy is that the password when entered should expire in 90 days. There are some accounts where the password has expired i.e the date of expiry is 23/3/9, but below it, it says valid. This means that the dashboard doesn't
Cannot use UK Pound sign in password.
I have migrated 700+ passwords into a new instance of PMP and noticed that a number of passwords have a strange character symbol, looks like a ? in a black triangle shape. The symbol turns out to be £ however when I try to update the password to include £ I get the following error: "Error occurred while changing the password. Activity Logs: Trying to use Agent Mode: 1. Agent not installed in." I have attached a screenshot.
Migrating resource groups\accounts to new instance of PMP
I am currently using PMP installed on a onsite server but have now created a new PMP instance in AWS. I am now trying to export the existing groups\account in a format which I can then import easily into the new PMP. However I also want to include the user group permissions as well as I have 300+ groups to migrate and I do not want to have to add each group individually to the user groups setup in the new PMP. Is there anything which will make this easier? Note that the onsite PMP is running build
VMware Discovery in Organisation PMP
Hi, it's possible de discover VMware VM in organisation PMP ? I can do that in MSP but not in organisations. I use PMP MSP Enterprise 10.102 Thanks, Best Regards, Quentin
Password Manager Pro new build 10400
Hi, Password Manager Pro 10400 has been released and is now available for download. In this build, new features such as integration with DigiCert SSL, CSR Templates, option to exclude expired and revoked certificates and option to modify the email id of the Let's Encrypt account have been introduced. The product has also undergone numerous enhancements. Please see our Release Notes to learn in detail about the feature and enhancements included in this upgrade pack (build 10400). How to Upgrade
Unable to edit server.xml file
I was trying to edit/update server.xml and the file access is denied. I have administrative user rights on the server. I disabled the password manager service and restarted the server and try to change the file but still I cannot. I am not sure what is locking the file. Do you have any ides/solution?
IT analytics in 90 seconds: How to manage your privileged accounts' passwords like a pro
Gain comprehensive insights into password behavior and secure your privileged accounts using Analytics Plus. If you're not already using Analytics Plus, download your free, 30-day trial today.
File Transfers to Linux(Unix) servers
Would be very nice to have a file transfer method for SSH sessions like they do for Windows RDP sessions.. As is I see no way through PMP to transfer files to Linux(Unix) servers
[Password Manager Pro Masterclass] Connecting securely to devices in remote isolated networks.
Hi there, In the previous Masterclass session, we learned how to cater to the access needs of both internal users and trusted outsiders with adequate security controls. Here's the video recording of the session for your reference. The next session will focus on enabling secure communication between isolated networks without removing firewall protections for effective credential management. Password Manager Pro Masterclass Connecting securely to devices in remote isolated networks. Thursday,
Desktop support folks to view passwords
Does anyone know if I can let my desktop support folks view passwords without being an admin type user?
I was adding a second domains and by mistake I've changed the setup for the main domain controller. Now I'm unable con access PMP by web.
Maybe for this case, just changing the configuration file should solve this problem. Any ideas?
Password Manager Pro new build 10302
Hi, Password Manager Pro 10302 has been released and is now available for download. In this build, a few enhancements have been done to the Password Manager Pro agent. From now on, while installing the agent on a remote server, you will have to provide a unique 'Agent Key'. Please see our Release Notes to learn in detail about the feature and enhancements included in this upgrade pack (build 10302). How to Upgrade to Build 10302? If you are an existing customer of Password Manager Pro,
PMP Web Url not permit user to view password
Hello, there is a way to permit a standard user to use a web site URL without permit to view password. Maybe with chrome extension?
IT analytics in 90 seconds: Track anomalies in your privileged account activity
Keep a close eye on the access records of your privileged accounts to tackle security breaches using Analytics Plus. If you're not already using Analytics Plus, download your free, 30-day trial today.
Silent install of IE PMP plugin
Hello I was wondering if there are silent install switches for the IE plugin for PMP? I can't find any listed anywhere on the website or community. Thanks!
Using Restful API - Harmful Content Entered
I am trying to import resources from our existing password management system into PMP using the Restful API, and am encountering this error when trying to import passwords that contain a '>' character within the string: {"operation":{"name":"Input data is in wrong format","result":{"status":"Failed","message":"Harmful Content Entered"}}} Is there way to either disable this "malicious content" check during import, or is there another solution I can use such as encoding these values such that they
"Conflicting Password" report
Hello, Can anyone explain to me how PMP detects a "conflicting password"? It currently shows that I have 12 conflicting passwords, however, some of the systems are not on the network, so PMP would not be able to detect anything about those passwords. Is there a way to turn this feature off? Thanks, ~Allen
[Password Manager Pro Masterclass] Privileged session management: Onboarding employees and vendors for secure remote access provisioning.
Hi there, Our next topic for the Password Manager Pro Masterclass series is "Privileged session management: Onboarding employees and vendors for secure remote access provisioning," scheduled for October 10th. Click here to register for the session. In this Masterclass session, you'll learn how to: 1. Launch direct RDP, VNC, and SSH sessions from any HTML5-compatible browser without endpoint agents, browser plug-ins, or helper programs. 2. Secure access gateways to establish reliable connections
IT analytics in 90 seconds: Monitor privileged account permissions to mitigate insider threats
Monitor and curtail user privileges to protect your privileged accounts from insider threats and malware attacks using Analytics Plus reports. If you're not already using Analytics Plus, download your free, 30-day trial today.
Next Page