Thycotic Community - Secret Server - API for managing AD groups

Thycotic Community - Secret Server - API for managing AD groups - Messages http://www.thycotic.com/forums/messages.aspx?TopicID=360 Thycotic Community - Secret Server - API for managing AD groups - Messages en-us http://blogs.law.harvard.edu/tech/rss Jitbit AspNetForum Mon, 06 Jun 2011 15:04:23 GMT Mon, 06 Jun 2011 15:04:23 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=360 Message from Ben
Thanks for all the detailed information, that scenario makes a lot of sense. I've updated the request with your info.

Regards,
Ben]]> Mon, 06 Jun 2011 15:04:23 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=360 Message from Espen F
Thanks for your reply.
I will provide some more detail as of why we seek such a feature:
We are are major Internet application, and service provider with over 250 customers with users varying from a couple, to 50-60 users needing access to limited parts of our infrastructure.

Say for example that customer1 have 500 servers, and 40 users needing access to those systems.

User A needs access to server 1 and server 2, while user B only needs access to server 2.
This may change from week to week, with users only having access on a strict need to basis only. For over 250 customers, with a total over 4000 servers this becomes very time consuming to manage manually.

We would like to say via an API that AD-group Y should have access to servers 1,2,3,4,5 (folder/group 1 and folder/group 2).

This comes on top of a growing number of 300 employees.

With such rapid, and large amount of access level changes it is important for us to be able to make effective, and yet secure changes.

Thank you for your time.
]]> Mon, 06 Jun 2011 13:19:52 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=360 Message from Ben
Currently the API is not able to manage permissions on Secrets and Folders. I've taken this down as a feature request and updated the product manager. Is there any more detail you can provide regarding your business case for needing this?

Thanks,
Ben]]> Mon, 06 Jun 2011 11:24:17 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=360 Message from Espen F I wonder if the API is able to manage which AD users/groups who should have access to which secret/folder.

This is an important feature for us as we have a high change frequency in our server farms.]]> Mon, 06 Jun 2011 02:24:09 GMT