8/28/2012 3:04:40 PM
Nick S
Posts: 25
|
I have a user who created a password, deleted it, and went to recreate it.
They get the prompt that the secret already exists.
They indicate however, that by clicking "Advanced" next to search they do not have the Status drop down available to filter between Active, Deleted, or Both.
Can I provide them that explicit capability within roles without giving them too much capability?
Since I've provisioned roles based on the best practices guide I'd need to activate Unlimited Administrator mode at this point to see his account and I don't feel like contacting my management team to do it :-)
<a href="http://i.imgur.com/P7EXF.jpg">http://i.imgur.com/P7EXF.jpg</a>
|
|
|
0
• link
|
8/28/2012 3:49:37 PM
Nick S
Posts: 25
|
I was about to write that I had yet another user with this issue.
In taking a hard look at the User Guide, I see the role now in question.
Anyone have big concerns about giving end users access to "view deleted secrets"? Figure since it respects permissions its not like they'll see other peoples trash.
"To undelete a Secret, navigate to the Secret View page and click the Undelete button. NOTE: The User must have the View Deleted Secrets permission (see Roles section) to access the Secret View page for this Secret, as well as Owner permission on the Secret."
|
|
|
0
• link
|
8/28/2012 4:33:55 PM
Joshua C
Administrator
Posts: 75
|
Hello Nick,
Deleted Secrets still maintain their permissions so that a user does not see deleted Secrets that do not have access to.
Kind Regards,
Joshua Conroy
Thycotic Software
--
Thycotic Support Engineer
|
|
|
0
• link
|
Secret Server 
Secret Server on Facebook 
Password Reset Server 
Group Management Server
Company 
Thycotic on Twitter