PRS – Webinar – Reduce Password Reset Calls(4/14/2014) [no replies]last message by Kaitlin in Secret Server Is your help-desk flooded with end-user Active Directory password reset requests? Learn how you can automate the process with our solution, Password Reset Server. Please click here to join the webinar on Thursday, April 17 from 11:30 a.m. to 12:30 p.m. EDT Featured Speakers Jonathan Cogley, CEO, Thycotic Software Ben Yoder, Product Manager, Thycotic Software
Update on Heartbleed(4/11/2014) [no replies]last message by Kevin in Secret Server Over the last few days a vulnerability CVE-2014-0160, also known as Heartbleed, was published concerning the widely popular OpenSSL library. After careful investigation, we have determined that no Thycotic software was affected by this vulnerability.
Our products themselves (Secret Server, Password Reset Server, Group Management Server, and Secret Server Online) use Microsoft's Internet Information Services and the .NET Framework for SSL and application development. These platforms use Microsoft's SChannel for SSL communication, not OpenSSL.
Secret Server itself does utilize OpenSSL for its web password changer functionality, however the version of OpenSSL that was used, 0.9.8y, is not affected by Heartbleed.
We encourage customers to actively review their infrastructure for this vulnerability. While our products are not directly affected, it is possible that other supporting infrastructure may be at risk, such as a loadbalancer that supports SSL.
Thanks for following up with us on Heartbleed. We have published information about Thycotic and OpenSSL on this forum post.
Kevin Jones Thycotic Security Architect
Discovery & Cluster Computer Objects(4/10/2014) [3 replies]last message by Seth C in Secret Server Can you convert templates from the Web Service API? I don't think so, but thought I'd ask. I tried setting the SecretTypeID to something different, it didn't take. EIther way, I'm going to sort out cluster computer objects to a separate folder, then I can deal with them there
We have taken your request to be able to launch to the network web camera interface and we have your name attached to the request. The feature request has been passed to our Product Manager. We appreciate the feedback as it is how drive the direction of what feature we release. If you have any other feature you would like to see please submit them here.
The request of Yaron has been released in Secret Server ? If not, this feature still in your roadmap ?
We have looked into this and it looks like a bug. It will be fixed in the next release, currently scheduled for later this week.
In the meantime, please try changing the friendly name for the domain to be the same value as the full domain name, and then try changing the user's password again.
How can i search for all secrets of a certain type(3/28/2014) [1 reply]last message by Jonathan in Secret Server On the Dashboard screen, click on "Advanced" for the search - you will then be able to choose your Template. You can also click on the Template column header in the results to sort by that field. You can also choose different folders on the left and include/exclude sub-folders to find matching templates at different levels.
Is that what you are looking for?
Wanted: More info on Approval Workflows(3/27/2014) [2 replies]last message by Jordan N in Secret Server I too would be very interested in something like this - perhaps a global setting similar to "Require View Permission on Specific Folder for Visibility" except for Secrets, to enable all users to see that a secret exists - and a default approval request behaviour that goes to a specific person or group (or all owners of that secret - either is fine)
The existing approval request mechanism could then be used to overwrite this global default.
This would prevent us from having to manually configure approval for every secret should we want to use SecretServer in this way.
BlackBerry 10 version?(3/27/2014) [4 replies]last message by Ben in Secret Server Currently we don't have a time-frame for developing an OS 10 app for BlackBerry. We do have plans as part of our UI refresh to make a more responsive dashboard for mobile devices without native app support to use.