http://www.thycotic.com/forums/messages.aspx?TopicID=471 Thycotic Community - Secret Server - Can I allow users to see deleted passwords so they can undelete their own? - Messages en-us http://blogs.law.harvard.edu/tech/rss Jitbit AspNetForum Tue, 28 Aug 2012 16:33:55 GMT Tue, 28 Aug 2012 16:33:55 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=471
Deleted Secrets still maintain their permissions so that a user does not see deleted Secrets that do not have access to.

Kind Regards,
Joshua Conroy
Thycotic Software]]> Tue, 28 Aug 2012 16:33:55 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=471
In taking a hard look at the User Guide, I see the role now in question.

Anyone have big concerns about giving end users access to "view deleted secrets"? Figure since it respects permissions its not like they'll see other peoples trash.

"To undelete a Secret, navigate to the Secret View page and click the Undelete button. NOTE: The User must have the View Deleted Secrets permission (see Roles section) to access the Secret View page for this Secret, as well as Owner permission on the Secret."]]> Tue, 28 Aug 2012 15:49:37 GMT http://www.thycotic.com/forums/messages.aspx?TopicID=471
They get the prompt that the secret already exists.

They indicate however, that by clicking "Advanced" next to search they do not have the Status drop down available to filter between Active, Deleted, or Both.

Can I provide them that explicit capability within roles without giving them too much capability?

Since I've provisioned roles based on the best practices guide I'd need to activate Unlimited Administrator mode at this point to see his account and I don't feel like contacting my management team to do it :-)

<a href="http://i.imgur.com/P7EXF.jpg">http://i.imgur.com/P7EXF.jpg</a>]]> Tue, 28 Aug 2012 15:04:40 GMT