Jump to content

All Activity

This stream auto-updates     

  1. Yesterday
  2. Hi mcgreggers99, As a Security Administrator of Passwordstate, you can do this without impersonating a user in a couple of ways: On the screen Administration -> Password Lists (from the Actions menu for the releavant Password List) On the screen Administration -> Reporting (look at the various Permission reports) And when you are impersonating a user, you can see their permissions as per the screenshot below We hope this helps. Regards Click Studios
  3. Good afternoon. I love the impersonation feature in the product to see what a user will see when they log in, but I can't seem to find a way to PROVE that they can make modifications to lists since everything is greyed out the exact same if they have modify permissions versus just view permissions. Does anyone know of a way to PROVE that a user can make modifications other than actually logging in with their account to test? Thanks
  4. Last week
  5. Hi Oscar, could you try removing the < > in the username and see if that helps? ## Enable sudo rootpw for Passwordstate Privileged Account Defaults Defaults:svc_password_reset rootpw If that doesn't help then we're unsure sorry, as we do not have an environment set up to use AD accounts with Linux machines. Regards, Support
  6. Please allow us to limit the Account Types that can be selected for a secret, either globally or (preferably) by list. For example, I have no Juniper devices, so it'd be great to just hide that account type. Further, say I had a password list "Firewalls", limit the account types that can be added to that list to say FortiGate, SonicWall, Firewall, etc. Also, in order to use certain icons for specific password lists, I've had to create Account Types, when really it's just the icon. For example, to visually differentiate between standard and "Privileged" password lists, I have to create an Account Type. It's all Active Directory accounts, for example, but now I've got two different "types" that can represent it (and how to I tie the Active Directory password change / heartbeat scripts to a new custom account type)?
  7. I love the ability to impersonate a user and "see what they see", but I haven't be able to find a way to stop impersonating a user and revert back to my own session, short of logging out and back in. Would be great if there were a link in the upper nav next to the flag "Currently Impersonating User XYZ" to "Stop Impersonating"
  8. +1 Our policy is to never store end user passwords longer than it takes to complete a support ticket, so while it would be great to securely collect, it would also be great if that password could be automatically removed after some defined interval.
  9. Currently, if the browser extension fails to auto-fill the login fields, you have to select the link, which redirects you to the specific URL for the Passwordstate record of that account. Since the browser extension is able to retrieve the password already (to automatically fill the web form), is it possible to allow the user to simply "copy to clipboard" the password and have it generate the same audit event ("Password copied to clipboard")?
  10. That didnt seem to work unfortunately, unless im doing something wrong. I vi /etc/sudoers file and add the follow at the very bottom: ## Enable sudo rootpw for Passwordstate Privileged Account Defaults Defaults:<svc_password_reset> rootpw Save it, then try to run the password reset again, and still nothing. The password to root is unchanged.
  11. Hi, as already mentioned here, I would like to open a feature request and hope that it can be implemented. Short version: It would be great if the setup of a 2FA app for One-Time Passwords could be made more user-friendly. We are using the One-Time Password Settings solution for all users inside PasswordState. Every user get's a prompt at the first login to specify the One-Time Password settings. But this confuses the majority of users and almost nobody wants to change these settings at all. Is it possible to change the displayed menu to show only the Secret Key + Generate button by default and add the possibility to open an "Advanced" section where you can change the settings? The selection of the token type could also be displayed if you think it is necessary (in our case this would not be necessary). The default settings can be set in the Admin Settings, so we can define the default settings there and this should be no problem. Something like this would be more user friendly (+ the advanced section if needed): (This is an example found on https://help.dreamhost.com/hc/en-us/articles/215343108-How-to-use-the-Google-Authenticator-app-with-Multifactor-Authentication) Thanks for your help and keep healthy, René
  12. Hi Mordecai, Unfortunately there's no way to currently do this, so please feel free to log a feature request and if it gets enough interest we'll include it in a future build: https://www.clickstudios.com.au/community/index.php?/forum/38-feature-requests/ Regards, Support
  13. Hi Oscar, Can you set the AD account in the sudoers file as per section 14 of this document and hopefully this helps? https://www.clickstudios.com.au/downloads/version8/Password_Discovery_Reset_and_Validation_Requirements.pdf Regards, Support
  14. Hi, just a short question if it is possible to hide the One-Time Password Settings for (new) users at the moment. (If not i would open a feature request ;-)). We are using the One-Time Password Settings solution for all users inside passwordstate. Every user get's a prompt at the first login to specify the One-Time Password settings. But this confuses the majority of users and almost nobody wants to change these settings at all. Is it possible to change the displayed menu to show only the Secret Key + Generate button by default and add the possibility to open an "Advanced" section where you can change the settings? The selection of the token type could also be displayed if you think it is necessary (in our case this would not be necessary). The default settings can be set in the Admin Settings, so we can define the default settings there and this should be no problem. Something like this (+ the advanced section if needed): (This is an example found on https://help.dreamhost.com/hc/en-us/articles/215343108-How-to-use-the-Google-Authenticator-app-with-Multifactor-Authentication) Thanks for your help and keep healthy, René
  15. Hello Anton, The API Key from a folder cannot be used to search for Password Lists - we've updating the wording in the latest release to make this a little bit more clear. Instead you need to use the System Wide API Key, which is found on the screen Administration -> System Settings -> API We hope this helps. Regards Click Studios
  16. Hello everyone, i want to get the PasswordLIST ID from a PublicList, using the API. $PasswordstateUrl = 'https://server/api/searchpasswordlists/?PasswordList=test' Invoke-Restmethod -Method GET -Uri $PasswordstateUrl -Header @{ "APIKey" = "myKey" } But i always get the error: Invoke-Restmethod : [{"errors":[{"message":"Invalid API Call"},{"phrase":"Error = Object reference not set to an instance of an object."}]}] My Passwordstate looks like this: <see attachments> The APIKEY is from the Folder "test" (the Folder under Linux) and I want to get the PasswordListID From test (under Ansible-Test) Thanks!
  17. Earlier
  18. Hi Emad, When ever we replied to your emails, it would be returned as an unknown email address from outlook.com - which is very odd. A lot of customers do use this feature for backups, so we can only presume you must have missed one of the settings, or group policy restrictions, mentioned in the Security Administrator's manual. Can you double check everything again? Maybe email as a screenshot of your backup settings screen to take a look at? Regards Click Studios
  19. Hi Support thank you, I raised support ticket id=20205727070336 I have checked the user permission & followed your guide, did not work. I also added the backup domain account & SQL service account to the admin group of both SQL & passwordsatet web front server, did not work. I used my account to test backup did not work regards Emad
  20. Correct, i did this, and it's not working. It changes other local accounts, but not the root account. :/
  21. Those functions are critical to manage Hosts programmatically : Adding a new Folder Search for Folders Add Hosts to Folder Link RDP Credential(s)
  22. You may find yourself in a situation where you need to use the Passwordstate browser extension on a machine which does not have access to the internet, but it does have access to your Passwordstate web server. Under these conditions, it's not possible to download the extension directly from the App Store, so you'll need to load up the extension manually. For this reason, you'll need to get a copy of the install files. Below are instructions on where to find a copy of these source files, which you'll need to download on a machine that has access to the internet, and then you should transfer them to the offline machine. Chrome: Download Link: https://www.clickstudios.com.au/downloads/chromeextension.zip Edge: Download Link: https://www.clickstudios.com.au/downloads/edgeextension.zip Firefox: Download Link: https://www.clickstudios.com.au/downloads/firefoxextension.zip Regards, Support
  23. Hi Jack, Yes, that is the process for modifying and restoring the scripts, but please be aware that if we ever need to update a script at any stage, it will overwrite your changes. Regards Click Studios
  1. Load more activity
×
×
  • Create New...