2/4/2010 4:44:46 AM
 Jeremy A Posts: 61
One feature I'd like to see is being able to nest groups inside other groups.
We've got a large user base with varying degrees of access, and it would make managing role memberships a lot easier with this ability.
-- http://www.ignitionmsp.com/
2/4/2010 9:00:34 AM
 Scott Posts: 45
Jeremy, thanks much for the feedback.
I will add this to our list of feature requests.
Best,
Scott
Thycotic Support
2/4/2010 11:55:55 AM
 Jonathan Administrator Posts: 591
Jeremy,
One workaround at present is to use the AD Sync. You can then nest and manage your groups in AD and Secret Server will simply pull the groups in from AD. Note that Secret Server will flatten the membership from AD - for example:
AD Group1 => John, Steve
AD Group2 => Group1, Fred
If you sync both groups to Secret Server then:
SS AD Group1 => John, Steve
SS AD Group2 => John, Steve, Fred
You can then assign these groups to roles and just do nesting in AD.
Hope that makes sense.
Thanks for the feedback!
:-D
-- Secret Server 8.1 - Web Password Filler, SAP support, advanced discovery capabilities with rules. Need a free trial license? Send an email to sales@thycotic.com
2/4/2010 12:16:02 PM
 Larry Posts: 79
Jeremy,
Is anything like ADSync available for the hosted solution?
thanks,
Larry
2/4/2010 12:28:39 PM
 Jonathan Administrator Posts: 591
Unfortunately the AD integration is only available in the Installed Edition.
2/9/2010 5:13:06 AM
 Jeremy A Posts: 61
Unfortunately the AD group nesting would not apply in our circumstance.
We have multiple AD Group Admins, who, by policy, are not administrators in Secret Server. If I used the group nesting for this purpose, then it would be possible for a security group administrator to give themselves elevated access in Secret Server by modifying their group membership.
Our only AD syncing is done by a single group which gives a user the ability to log into Secret Server. All rights and membership in Secret Server are contained in the application.
|
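An added example, not part of the original thread and not Secret Server's own code: it models the flattening of nested AD groups described above and then audits the concern raised in the last post, listing people who can edit a group that feeds a role without holding that role themselves. The group managers, the role mapping and the names Alice and Carol are hypothetical.

```python
# Constructed sample: the thread's two groups; members are users or groups.
AD_GROUPS = {"Group1": {"John", "Steve"}, "Group2": {"Group1", "Fred"}}
# Hypothetical: who may edit each AD group's membership.
GROUP_MANAGERS = {"Group1": {"Carol"}, "Group2": {"Alice"}}
# Hypothetical: which synced groups are assigned to which application role.
ROLE_GROUPS = {"Administrator": {"Group2"}, "User": {"Group1"}}


def flatten(group, groups, seen=None):
    """Return the users in `group`, expanding nested groups (cycle-safe)."""
    seen = set() if seen is None else seen
    if group in seen:
        return set()
    seen.add(group)
    users = set()
    for member in groups.get(group, ()):
        if member in groups:
            users |= flatten(member, groups, seen)
        else:
            users.add(member)
    return users


def groups_feeding(group, groups):
    """Return `group` plus every group nested under it, at any depth."""
    found, stack = set(), [group]
    while stack:
        current = stack.pop()
        if current not in found:
            found.add(current)
            stack.extend(m for m in groups.get(current, ()) if m in groups)
    return found


def escalation_paths(role_groups, groups, managers):
    """Per role: managers who lack the role but can edit a group feeding it."""
    paths = {}
    for role, mapped in role_groups.items():
        holders, editors = set(), set()
        for g in mapped:
            holders |= flatten(g, groups)
            for sub in groups_feeding(g, groups):
                editors |= managers.get(sub, set())
        paths[role] = editors - holders
    return paths


if __name__ == "__main__":
    print(flatten("Group2", AD_GROUPS))
    print(escalation_paths(ROLE_GROUPS, AD_GROUPS, GROUP_MANAGERS))
```

In this sample Carol manages only Group1, yet because Group1 is nested in Group2 she appears as a path to the Administrator role as well.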