Inheriting Permissions Based on Folders

29 07 2011


Secrets in Secret Server can inherit permissions from the folder where they are placed. For example, if you install a new managed switch in your network, instead of assigning an Active Directory group or individual users to every network-based Secret, you assign the Active Directory group or individual user accounts to the folder. That way, when an admin enters a new Secret into Secret Server they don’t have to worry about selecting all the people that need access. Instead, they can place it into the correct folder that already has the correct permission level. Not only does it save time, but it also ensures that everyone who needs access to a Secret has it.

Adding Permissions to a folder
First, move your mouse to the Administration tab, then select Folders.

Then select the folder you want to edit permissions on and select Edit.

From here you can add Active Directory groups and individual Secret Server users. They will have access to any Secret that inherits permissions with the level you select.

Having a Secret Inherit Permissions From a Folder

Click to expand the Secret, and then select view.

Now, select share.

From here, select edit.

Finally, check the “Inherit Permissions from folder” box.

That’s it! Now any user in the Active Directory group, or any user you manually added to the folder permissions, will have access. You can also turn on this behavior by default with the “Default Secrets Inherit Permissions” setting on the configuration page. It is important to note that a user with folder-based permissions will have that level of access to any Secret in the folder.





Sneak Peek: Dashboard

17 02 2011

We will soon be releasing a new user interface as a replacement for the Home page, called “Dashboard”. Dashboard is a modern approach to displaying and managing data, one best described as an “interactive console” approach. Central to the idea of a “console” is the ability to drag and drop different components on the screen. Dashboard implements a widget based system which allows fluid customization of data, reports and the functionality shown. Dashboard will be part of the next release, 7.3.





Thycotic brings Password Management to TechEd Australia 2010

8 07 2010


Thycotic will be at Gold Coast, Australia next month exhibiting at TechEd Australia for the third year in a row. Stop by our booth and learn about how Secret Server integrates with RADIUS in version 7.0.

Are you responsible for end-user passwords? Ask to see a demo of our self-service password reset tool, Password Reset Server.

Come visit us to talk about password management or information security.

See you there!

Thycotic Booth





Sneak preview of the Secret Server app on Droid

7 07 2010

Here is a movie showing the basic proof of concept application working on the Android Phone simulator. It demonstrates authenticating to Secret Server and pulling down a list of Secrets, then adding a Secret Server using the web browser and seeing it appear in the app.

This app should be available within 2-3 months.





Migrating from eWallet

17 12 2007

Some users who are currently using eWallet and other single user password managers want to migrate to an enterprise solution. This will give them the benefit of tracking and managing all privileged passwords in a company.

We are currently working with one customer to produce a tool that will allow a user to migrate from eWallet to Secret Server as painlessly as possible.

Here is a movie showing the migration tool in action: http://www.thycotic.com/movies/secretserver/ewallet/ewallet.html 

If you are interested in this tool please contact support.

– Kevin





Remote Desktop – peek into the future …

13 12 2007

Here is a teaser trailer showing automatic opening of Remote Desktop from a secret in Secret Server.

 

Watch movie (Remote Desktop from Internet Explorer)

Watch movie (Remote Desktop from Firefox)

 

There are some technical difficulties in getting Remote Desktop to work like this since it encrypts the password in the .rdp file in a machine/user specific way.

This feature is unlikely to be ready for the Secret Server 4.0 release but should come in an update soon after.

–Jonathan





Secret Server 4.0

7 12 2007

We are happy to announce that Secret Server 4.0 is scheduled for release on December 21st.

One of the features that is often requested is the ability to search a folder *and* its sub-folders. Starting in 4.0, this feature will be available. On the home page, there will be a checkbox in the search region that will allow you to search in a folder’s children. Also, the performance of searching has been improved by reducing some of the logic needed.

One of the other features that will be in 4.0 is inherited permissions for folders. Given the confusion over how folder permissions currently work, we think this will allow users to better manage their secrets while also working more as expected (more like operating system permissions). Starting in 4.0, you can optionally inherit permissions from parent folders, and a secret can now inherit permissions from a folder. For example, if you choose to have a secret inherit permissions from its folder, it will get the permissions from that folder and all of its parents. If a parent folder’s permissions change, the new permissions will be reflected on that secret.

Secret Server 4.0 is shaping up to be the biggest release of Secret Server yet, and we’re excited about the cool new features!

– Kevin
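The inheritance rules described in this post and in "Inheriting Permissions Based on Folders", as an added example that is not Secret Server's own code: a small model that resolves who ends up with access to each Secret, which is the review worth doing before switching inheritance on. It assumes permissions are sets of View/Edit/Share merged by union up the folder chain; all class, function, folder and account names are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Folder:
    name: str
    parent: "Folder | None" = None
    inherit: bool = False   # folder inherits from its parent folder
    acl: dict = field(default_factory=dict)   # principal -> {"View", "Edit", "Share"}

@dataclass
class Secret:
    name: str
    folder: Folder
    inherit: bool = False   # the "Inherit Permissions from folder" box
    acl: dict = field(default_factory=dict)

def folder_acl(folder):
    """Merge a folder's entries with each ancestor's while inheritance is on."""
    merged, node = {}, folder
    while node is not None:
        for principal, perms in node.acl.items():
            merged.setdefault(principal, set()).update(perms)
        node = node.parent if node.inherit else None
    return merged

def effective(secret, user, groups):
    """Rights a user holds on a Secret, directly or through group membership."""
    acl = folder_acl(secret.folder) if secret.inherit else secret.acl
    rights = set()
    for principal in (user, *groups):
        rights |= acl.get(principal, set())
    return rights

def audit(secrets, directory):
    """For each Secret, list every user with access and the rights they hold."""
    report = {}
    for s in secrets:
        rows = {u: sorted(effective(s, u, g)) for u, g in directory.items()}
        report[s.name] = {u: r for u, r in rows.items() if r}
    return report

# Constructed sample data: every folder, group, user and Secret name is invented.
root = Folder("Infrastructure", acl={"AD\\Domain Admins": {"View", "Edit", "Share"}})
network = Folder("Network", parent=root, inherit=True, acl={"AD\\NetAdmins": {"View"}})
switch = Secret("core-switch-01", network, inherit=True)
legacy = Secret("old-router", network, acl={"alice": {"View", "Edit"}})
directory = {"alice": ["AD\\NetAdmins"], "bob": ["AD\\Domain Admins"], "carol": []}

if __name__ == "__main__":
    for name, who in audit([switch, legacy], directory).items():
        print(name, who)
```

In the sample data, bob reaches core-switch-01 only through two inherited hops (Secret to folder, folder to parent), which is the kind of access that is easy to miss when reviewing a single Secret's share settings.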





Bulk Operation "Edit Share" explained

4 12 2007

Back in Secret Server 3.0, we added bulk operations to make it easier to deal with lots of secrets.  Typical example – I need to add our network administrators to these 100 passwords with View permission.  This can be easily accomplished using the "Add Share" option at the bottom of the search grid on the home page.

What happens if I accidentally added the wrong network administrators group and now I need to remove their View permission from the 100 secrets?  This is where "Edit Share" comes in.

I recorded a short movie that shows removing "Edit" and "Share" permissions for one group (Administrators) from two secrets.

Watch movie

Add Share – use this to safely add new permissions for View, Edit or Share for a group or user.  It will not affect their existing permissions.  So if a user has View, Edit and you just Add Share ‘View’ then they will still have View and Edit.

Edit Share – use this option to replace permissions for certain users or groups. There is currently a bug that prevents you from removing all permissions for a user or group but that will be fixed in the next release.

NOTE:  The Edit Share does not show existing permissions on your selected secrets.  We have struggled with how to make such a user interface make sense since some of your secrets will have some permissions and some won’t.  It seems difficult to know how to present this in a way that isn’t confusing.  If you have any ideas – please post them to the forums.

–Jonathan





Secret Server to support theming in 4.0

16 11 2007

One of the most requested features in Secret Server is theming. I have seen several customers skin Secret Server to fit their company’s colors and logo. The only downside to that is, when Secret Server is updated, all of those nice changes are lost. A feature that we will be releasing soon is Custom Themes. It goes beyond just changing the style and images. We designed it to allow the administrator to create their own themes for Secret Server. The Administrator has the choice of allowing users to specify their own theme, or forcing a global theme. Here is a sample theme that we have been playing around with to prove that anything is possible!

We don’t plan on actually shipping Secret Server with this theme :-)

 

 

 

– Kevin





Minor Update on 11/16

13 11 2007

On November 16th we will be releasing a minor update for Secret Server. This update includes:

  • Ignoring the selected folder if the folder panel is collapsed when performing a search from the home screen.
  • Changing the import tool to allow duplicates if explicitly allowed. There will now be a checkbox called “Ignore Duplicates” that allows you to import secrets even if a secret with the same name already exists.
  • Some Active Directory Synchronization fixes. Recently a bug was discovered whose fix may resolve a large portion of the remaining Active Directory synchronization issues. As some may know, there have been some issues with Active Directory that we have been identifying and fixing. The particular issue we will be resolving is where some of the usernames contain certain characters, such as a comma or a backslash. Unfortunately, our development platform, the .NET Framework 1.1, has somewhat limited LDAP support, so the data that the Active Directory server returns to us is “raw”. In this case, we need to parse and handle this data properly. The second issue we are resolving is that when an Active Directory query returns more than 1500 results, only the top 1500 results are returned.

This update does not include the migration to the .NET 2.0 Framework. This minor update will still be using the current version of the framework.

– Kevin







