Adding Resources Manually
In order to manage the passwords of your privileged accounts, you should add your end-points as resources in Password Manager Pro. The term resource denotes any server, application, network device or an appliance holding the user accounts and the passwords. There are three different ways of adding resources to Password Manager Pro namely: manual addition of resources, importing resources from a file and discovering resources.
The following are the steps to add resources manually to Password Manager Pro and to store files and other sensitive data:
1. Adding a Resource
Follow the below steps to add a resource manually in Password Manager Pro:
- Navigate to Resources >> Add Resource >> Add Manually.
- In the Add Resource window that pops up, fill in the required details:
- Specify the Resource Name which uniquely identifies the resource in Password Manager Pro.
- Enter the DNS Name or IP Address of the resource. It is mandatory to provide a valid DNS name or IP address to perform remote operations like remote password reset, account discovery and one-click login.
- Choose the Resource Type from the dropdown (the default value will be Windows). Based on the resource type, Password Manager Pro uses unique procedures for password resets. For example, the password reset mechanism of Windows is not the same as that of Linux or Mac. This field also helps to organize your resources based on their type. To add a custom resource type, click the Add New option beside this field. Enter a custom resource type in the pop up window, such as an App or a printer, click Add and then choose the custom resource from the Resource Type dropdown.
- Choose the Group Name to add all the common servers, say Windows servers or Linux servers, to a single resource group. To add a new group, click Add New, enter a group name, click Add and choose the custom group from the Group Name dropdown. If a custom group is not created, Default Group will be chosen. Click here for more info on resource groups.
- When adding a domain controller with the resource type as WindowsDomain, enter the domain name as NETBIOS in the Domain Name field. This is required for the Windows Service Account Reset feature.
- The fields Description, Department and Location are not mandatory, but having these fields populated with the correct values will be helpful for searching and grouping the resources.
- When adding a web application or a website as a resource, provide the Resource URL and choose the resource type as Web Site Accounts. To access any web-based resource, specify the full URL in this field, for example, https://sso.godaddy.com. This value will be used for the auto-fill feature that works with the help of our browser extensions (Chrome, Firefox and Edge).
- Password Manager Pro allows you to add virtual machines managed in an Amazon WorkSpaces client, as resources into the repository. While adding AWS Active Directory resources in Password Manager Pro, choose the resource type as WindowsDomain. Click here to learn how to automatically discover virtual machines in an Amazon WorkSpaces client using Password Manager Pro.
- Choose the required Password Policy from the dropdown. When Password Manager Pro randomly generates passwords for accounts, they will be in compliance with the policy chosen here.
- Click Save to add the resource. Click Save & Proceed to add an account.
2. Adding an Account to a Resource
Once resources are added to Password Manager Pro, follow the below steps to add user account(s) and passwords for the new resource:
- Navigate to the Resources tab. Click Resource Actions >> Add Accounts beside the newly added resource.
OR
Click the Resource Name of the newly added resource and click Add in the Account Details window that pops up. - Enter the required details in the Add Accounts form as explained below:
- Enter the unique name for the account in the User Account field.
- In the Password field, either enter the password of the account manually if you know it, or generate a password using the Generate Password tool beside this field. If you are entering the password manually, it should be in compliance with the Password Policy you had set for the resource.
Note: To enable password reset in remote systems, ensure that the passwords you enter in this step and the ones in the actual target systems are the same. Password Manager Pro uses these credentials to log in to the target systems for resetting the password, and if the passwords are wrong, the password reset will not happen.
- Choose the required Password Policy for the account - Strong, Medium, or Low. The password policy is maintained at resource level and account level, and the account level policy can override the value of resource level password policy. Click here to learn more about creating custom password policies apart from the default ones.
- If the account (particularly website accounts) is enabled with TOTP as the Two-Factor Authentication (2FA), input the TOTP Secret Key. This allows the users to directly access the account through the Password Manager Pro interface, streamlining the generation of TOTP one-time codes alongside with shared passwords.
- By default, the account configured with TOTP as the 2FA supports the SHA1 Algorithm, 6-digit TOTP codes, and a validity of 30 seconds. If the account supports a different set of parameters for TOTP codes, please select the appropriate TOTP Algorithm and TOTP Digits and enter the TOTP Validity in seconds by clicking upon the Settings dropdown beside the TOTP Secret Key field.
- It is recommended to provide any particular details of the account in the Notes field as this field will also be searched through when you search for a particular account using Password Manager Pro's search tool.
- To import an SSH key and associate it with this account, click Browse and add a .key file. Enter the Private Key Name and Passphrase in the next fields.
- Select the checkbox Use Private Key to Login to authorize remote connections using SSH keys instead of account credentials. Click here to know more about remote connection using SSH keys.
- Select the checkbox Map Private Key in Password Manager Pro to force map SSH keys to user accounts, even if the target systems are not reachable.
- Click Save to add and list this account under the User Account column on the same page. You can add any number of accounts under a particular resource by following the above steps; all the accounts will be listed below the User Accounts table.
Note: If the TOTP Algorithm, TOTP Digits, and TOTP Validity differ between the account and the values entered here, the authentication mechanism will not work as expected due to the generation of incorrect one-time codes. Also, once configured, the TOTP secret key cannot be retrieved again for the account. Therefore, exercise caution to ensure that the values entered or selected here match those values supported by the account.
Performing the above steps will add the required user account(s) and password(s) to the resource. Users who are authorized to access the resource will be able to view the information.
3. Storing Files and Other Sensitive Data
Password Manager Pro allows users to store other types of sensitive data such as:
- Digital Certificates
- License Keys
- Files
- Documents
- Photo Copies
Different file types can be securely stored in the Password Manager Pro repository along with their passwords. To store a license key, certificate, document, etc., follow the below steps:
- Navigate to Resources >> Add Resource >> Add Manually.
- In the Add Resource window, fill in the details as required.
- Specify the Resource Name which uniquely identifies the resource in Password Manager Pro.
- Enter the DNS Name or IP Address of the resource. It is mandatory to provide a valid DNS name or IP address to perform remote operations like remote password reset, account discovery and one-click login.
- Select the Resource Type as any one of the following: (By default, Password Manager Pro supports the following file stores)
- File Store: To store digital content (documents, pictures, executables etc).
- Key Store: To store software keys.
- License Store: To store software license keys.
- To add a custom resource type, click the Add New option beside this field. Enter a custom resource type in the pop up window, such as KeyStore, click Add and then choose the custom resource from the Resource Type dropdown.
- The fields Description, Department and Location are not mandatory, but having these fields populated with the correct values will be helpful for searching and grouping the resources.
- Click Save to save the resource and exit.
- Click Save & Proceed to import and save the required Key/File/License under the resource.
- In the Add Accounts window that opens up, the fields will be shown based on the Resource Name you chose (File Store, Key Store, or License Store). Fill them as required:
- Specify the Key Name/File Name/License Name, to be stored under the resource.
- Click Browse and choose the Key/File/License to be imported.
- Enter a description in the Notes field.
- Click Save.
Now, the Key/File/License will be successfully saved under the resource.
Note: Resources of the above types are managed and shared in the same way as other resources. During retrieval, a link to the file is provided for it to be saved locally to the disc.