Configuring Secret Server

The Centrify Platform can connect to your remote and on-premise Secret Server(s) so you can use Secret Server as the authoritative source for storing and managing credentials.

Connecting Centrify Platform to Secret Server enables you to:

  • See systems and accounts from one or more Secret Server vaults.
  • Periodically sync systems and accounts from Secret Server. The sync can also be run on demand.

    Note: Passwords and SSH keys are not synced. They are retrieved from Secret Server when needed for login / checkout.

  • Map to Secret Server sites using System Resource Mappings. These optional mappings give the Centrify Platform the information it needs to choose an appropriate connector when establishing a connection to a target system.
  • Reach a SaaS Secret Server directly, or reach an on-premise Secret Server through a connector.

To connect Centrify Platform to Secret Server:

Note: See the Secret Server Best Practices for information about configuring Secret Server for integration with the Centrify Platform.

  1. Set Secret Server role permissions enabling Centrify Platform administrators to add a vault.
  2. Add a Centrify Platform vault and register the Secret Server.
  3. For on-premise Secret Servers, deploy connector(s) that can reach the Secret Server.
  4. Depending on network topology, configure the necessary Secret Server Resource Connector Mappings.