We have Password Safe and PRA Integrated. We have some users who use both Password Safe and PRA to launch remote sessions.
SRA Access Policy must have the View Password option enabled, so the users can retrieve the credential in PRA console. Because of this requirement in SRA access policy, users are able to view managed account passwords in Password Safe.
How can we restrict users to NOT View Passwords in Password Safe and should be able to retrieve the credential in PRA Jump Session?
Thanks,
Best answer by bt101
Hi @Prudhvi Keertipati You can create a new access policy which is location restricted . Add the IP addresses of PRA appliance/ECMs as the source and allow View Password for this policy. This will be applied to the SRA/PRA API user group in Passwordsafe. End users will see two policies. I think based on policy name , default policy can be the No-view Password policy when users log in to Passwordsafe. If they select the SRA/PRA API policy (newly created) . If they submit the request it shows the error location restricted . I got this suggestion from other user’s comment in Ideas portal
Hi @Prudhvi Keertipati You can create a new access policy which is location restricted . Add the IP addresses of PRA appliance/ECMs as the source and allow View Password for this policy. This will be applied to the SRA/PRA API user group in Passwordsafe. End users will see two policies. I think based on policy name , default policy can be the No-view Password policy when users log in to Passwordsafe. If they select the SRA/PRA API policy (newly created) . If they submit the request it shows the error location restricted . I got this suggestion from other user’s comment in Ideas portal
