30th January 2023

Password Vault Management on Centrify PAM

CPAS (Centrify Privileged Access Service) is Centrify’s product that offers standard entry-level features. In short, it is a web-based, agentless, password-safe solution. It is licensed under the name CPAS Core. With CPAS (Centrify Privileged Access Service), you can store the passwords of service accounts, shared accounts, accounts used in applications, in a password safe. You can change passwords regularly and get the password from the safe whenever you need it. Administrator approval may be requested during password supply.

It can use its own local accounts as well as AD integration. PAS supports MS Failover Cluster. If there will be an environment where all passwords will be stored, it is definitely recommended to install a Cluster.

Adding a Password via Centrify PAM

When the password will be added via Centrify PAM, we click on the “Secrets” menu. Then click on the “Add Secret” option.

Secrets
Secrets

 

On the “Add Secret” page, you can enter the username in the “Name” field. We write the password in the “Type” part.

Add Secret
Add Secret

 

On the “Permissions” page, we give permission to who will see and copy that user.

Permissions
Permissions

 

Save by clicking the “Save” button.

Centrify Secrets
Centrify Secrets

 

Adding Domain User or Server/Client Local User

Domains Menu

You can also add and manage domain users or server/computer local users. Click on the “Domains” menu for the domain user.

Domains
Domains

 

You can add your own domain on the “Domains” page. You can add the domain user by clicking the “Add” button.

LEARN MORE  Windows Failover Cluster Event ID:1090 Error and Solution
Domain Accounts
Domain Accounts

 

When we click on the user we added, you can see that he goes to the “Accounts” menu. In the “Permissions” menu, you can authorize who will see this user, who will enter the servers with this user, and who will receive this user’s password.

domain user
Domain user

Systems Menu

In the “Systems” menu, you can add your own systems. You can add local users to your systems. You can decide who to authorize for these users. Here we click on the server/computer you added.

Systems
Systems

 

You can add local users for the server in the “Accounts” menu. For this, you can add users by clicking the “Add” button.

add account
add local account

 

You can authorize who you will authorize for the user you have added from the “Permissions” section. As “target“, you can authorize those who will log in to the “aomertestpc.systemconf.local” computer with the “admin” user. You can see the “admin” local user of the “omer” PAM user “aomertestpc.systemconf.local“, view the password, copy, edit the password, change the password or log in with this user.

Permissions
Permissions

 

Note: Local users and domain users are visible in the “Accounts” menu, but users in the “Secrets” menu are not visible in the “Accounts” menu.

Leave a Reply

Your email address will not be published. Required fields are marked *