Jump to content

Leaderboard


Popular Content

Showing most liked content since 11/12/17 in all areas

  1. 2 points
    As stated by support, Copy & Link is available between as many lists as desired. Add a custom field, add your 'tags'. Make sure the field isn't encrypted so that it is searchable. We've done this to make it easy to find passwords related to applications or services; and another custom field so we can search by server name. It'd be wonderful to link security items through to hosts that exist in the system rather than using a custom field for it, but it's not a big deal. A drop down field with a simply 'True' 'False' or 'Yes' 'No' values would achieve this. The first value you set in the field is the default value when creating new security items. Radio buttons would also achieve this - you can only select one radio button at a time, so its either true or false.
  2. 2 points
    support

    Temporary access

    Hi Kinglsulgard, Thanks for your interest in our software and we do have a couple of options that you can try to resolve this problem: First solution: I don't think this is what you are after but we have a feature called remote session launcher. This allows you to remote into machines on your network without the need to enter a username and password. You could give your contractors access to this feature, and they do not even need to know the password. This means they will connect to the machine using a username and password that you have pre-configured, and they can then perform their work. As long as they don't need to know the password to do their work, this might be a good option for you. Here's how to set up the Remote Session Launcher: https://www.clickstudios.com.au/community/index.php?/topic/2110-how-to-set-up-the-remote-session-launcher-passwordstate-8/ Here's how to use the remote session launcher without even knowing the password: https://www.clickstudios.com.au/community/index.php?/topic/2112-remote-sessions-without-access-to-password-credentials/ Second Solution: Give the user Time Based access to the individual password, and force the password to be changed once that access runs out. To do this, go to the permissions on the password from the Actions Menu: And then choose the user to grant access to on the access permissions tab, and then on the time based access tab do something like this: If you take this one staep further, and set up the account for automatic password resets, passwordstate will also reset the password on the remote system. An example of this is if you are giving your contractor access to a privileged Active Directory Account, when their time based access runs out, it will reset the password in Passwordstate, and also it will reset it in Active Directory, keeping them in Sync. Please see this forum on how to set up automatic password resets for remote systems, and the Active Directory link is down the bottom: https://www.clickstudios.com.au/community/index.php?/forum/31-password-resets/ Third Solution: This may also be suitable for you, our Password Check Out/Check In feature: https://www.clickstudios.com.au/community/index.php?/topic/1687-using-the-password-check-out-feature/&tab=comments#comment-3368 Hope this helps! Support
  3. 2 points
    support

    Backup account: use a managed account

    Hello HA4g3n, We cannot really use a gMSA account here, because we need to 'Impersonate' the account in code when performing backups and upgrades, and when impersonating you need to specify the password for the account - which is not possible for gMSA accounts. We did finish this feature request yesterday, and it will be available in the next release. Regards Click Studios
  4. 1 point
    Azkabahn

    More verbose access log

    Hi, we have faced with some troubles trying to understand what exact changes were made in the password list properties. Would it be possible to get a bit verbose output of what has changed in the properties of password list? As an example: if users updates IP whitelisting it would be great that this would be indicated If the user has renamed the list the line could include something like "password list X renamed to Y". If user enabled/disabled some of the options in the password list properties that would be good to know as well. All of this info can be retrieved from the user, but it takes time to question the user and sometimes they don't even remember what changes they have done
  5. 1 point
    Azkabahn

    More verbose access log

    What Buckit is saying is very true as well in some cases. This kind of logging would make life a bit easier for security admins to do an investigation. In some cases, the users complain that something is wrong after quite some time and it's really difficult to trace back and figure it out what has been changed. The only option is to restore the backup to test instance and do the comparison :)
  6. 1 point
    Buckit

    Backup account: use a managed account

    Hi again, Poking around the Administration-section of the web interface I decided to set up automated backups for Passwordstate. I was quite surprised to find that we need to hard-code the password for the backup account. I mean, the whole point of Passwordstate is to have managed accounts Could you possibly update the automated backups in such a way that they can use a known username+password object from the Passwordstate database? That way, if the password gets changed, we won't have to manually edit the backup settings.
  7. 1 point
    support

    Backup account: use a managed account

    Hi Guys, Just letting you know that we've released Build 8204 today which includes this feature request - thanks for the suggestion Regards Click Studios
  8. 1 point
    Hi Craig, I think our software can do everything your asking. You can share a Password between Password Lists, but not if the password is configured for resets - select 'Copy or Move to Different Password List', and then you will see the first screenshot below. For your other two requests, our Generic Fields on a Password List should help with this - second screenshot below. You can select different Field Types here, so hopefully one of the options available will be appropriate. Regards Click Studios
  9. 1 point
    Yes, that's correct - admin rights on the server. Regards Click Studios
  10. 1 point
    support

    Backup account: use a managed account

    Hi Buckit, Yep good point and we'll take a look at how we can link the account on this screen, to another account in a password record so it can be managed. The tracking ID is PS-2344 and we'll report back here when we include it in a future build. Thanks for the suggestion, Support.
  11. 1 point
    Oh I see - we'll at at least that's an easy fix
  12. 1 point
    Hi Yoshi Have you enabled the "Anonymous API" and did you use the key for this API? (take a look at the screenshot above from Clickstudios). Best regards, Fabian
  13. 1 point
    Fabian Näf

    API Create Password with $ in it

    Hi All I'm not sure if this helps (I had no time to test it). I usually create the JSON as following: Create a Powershell Object, then convert it to JSON. If you do it like this, then you dont have to struggle with the string-creation. $Body = @{ PasswordList = $Name Description = $Description ApplyPermissionsForUserID = $global:UserToPermit CopySettingsFromTemplateID = $global:PasswordstateTemplateID LinkToTemplate = "False" Permission = "A" PrivatePasswordList = "false" NestUnderFolderID = $ParentFolderID APIKey = $global:PasswordStateSystemWideAPIKey } $jsonBody = $Body | ConvertTo-Json (just an example, it doesn't fit to your requirement) Best regards, Fabian
  14. 1 point
    support

    API Create Password with $ in it

    Hi Njordur, Unfortunately we don't think we can change the API to accomodate for this, but we do have a fix for you to update your scripts. I've given an exact example below which works, and an explanation below that of what you need to change: # Begin Script param( $username, $password, $description ) $jsonString = ' { "PasswordListID":9914, "Title":"company\\' + $username + '", "Description":"' + $description + '", "AccountTypeID":82, "UserName":"' + $username + '", "password":"' + $password + '", "APIKey":"63fca2537db89e4fb32954234532455", "PasswordResetEnabled":true, "PrivilegedAccountID":2044, "HeartbeatEnabled":true, "ValidationScriptID":9, "ADDomainNetBIOS":"halox" } " ' Invoke-RestMethod -Uri https://alien.halox.net/api/passwords/ -Method Post -ContentType "application/json" -Body $jsonString # End Script Things I changed: 1. The opening brackets of the JSON string $jsonString = @" to $jsonString = ' 2. the variables inside the jsons string are now enclosed with a single quote and + symbol. So we went from "UserName":"$username" to "UserName":"' + $username + '" 3. the closing brackets of the JSON went from }"@ to }' I hope this is not too much trouble to change your scripts, and we hope this helps! Regards, Support.
  15. 1 point
    Hi GregSmid, We managed to get Idrac working over the weekend with a new Firefox build. We still have some testing to do before we submit to the store, and we'll let you know when it's available. Regards, Support.
  16. 1 point
    Hi I made two PowerShell-Scripts to import your personal data into Passwordstate. One is for importing from KeePass and one for importing from Passwordsafe. Because Clickstudios is a great company with an amazing product and support, I like to share my scripts with the community. Terms: These scripts are free to use, it's not allowed to resell my scripts or making business with it! There's absolutely no warranty about what the scripts are doing, you use them on your own risk. I made these scripts, because the script above from Clickstudios has two disadvantages: It doesn't import the folder structure (everything is in one folder after importing). First you need to export to KeePass 1.3.2 and than export it from KeePass 1.3.2 into a CSV-File Prerequisits ID of a Template with URL-Field enabled (see manual from Clickstudios above) Systemwide API Key (see manual from Clickstudios above) ID of the folder in which you like to import to (for importing in Root, the ID is 0) Using my PowerShell-Scripts My scripts are built to import a users personal KeePass/Passwordsafe data, so you need to specify a Username (e.g. domain\username), which you like to give access to the imported datas. If you first like to checkout, what whould happen if you would run the script, you can change "$global:PasswordstateWhatIf = $False" to "$global:PasswordstateWhatIf = $True". KeePass Export your data from KeePass (tested with Version 2.35) as XML-File. Start KeePassImporter.ps1 with PowerShell, enter requested datas and choose the XML-File. Passwordsafe Export your data from Passwordsafe (tested with Version 3.42.01) as "Plain Text (tab separated)". As Delimiter use the default-value "»" Start PasswordsafeImporter.ps1 with PowerShell, enter requested datas and choose the Plain Text-File. Best regards & good luck with these scripts, Fabian PasswordsafeImporter.ps1 KeePassImporter.ps1
×