Configuring Secret Server
The Centrify Platform can connect to your remote and on-premise Secret Server(s) so you can use Secret Server as the authoritative source for storing and managing credentials.
Connecting Centrify Platform to Secret Server enables you to:
- See systems and accounts from one or more Secret Server vaults.
- Periodically sync systems and accounts from Secret Server. The sync may also be performed on-demand.
  Note: Passwords and SSH keys are not synced. They are retrieved from Secret Server when needed for login or checkout.
- Map to Secret Server sites using System Resource Mappings. These optional mappings give the Centrify Platform the information needed to choose an appropriate connector when establishing a connection to a target system.
- Reach Secret Server directly for a SaaS Secret Server, or via a connector for an on-premise Secret Server.
Note: See the Secret Server Best Practices for information about configuring Secret Server for integration with the Centrify Platform.
To connect Centrify Platform to Secret Server:
- Set Secret Server role permissions enabling Centrify Platform administrators to add a vault.
- Add a Centrify Platform vault and register the Secret Server.
- For on-premise Secret Servers, deploy connector(s) that can reach the Secret Server.
- Depending on network topology, configure the necessary Secret Server Resource Connector Mappings.