Back in Secret Server 3.0, we added bulk operations to make it easier to deal with lots of secrets. Typical example – I need to add our network administrators to these 100 passwords with View permission. This can be easily accomplished using the "Add Share" option at the bottom of the search grid on the home page.
What happens if I accidentally added the wrong network administrators group and now I need to remove their View permission from the 100 secrets. This is where "Edit Share" comes in.
I recorded a short movie that shows removing "Edit" and "Share" permissions for one group (Administrators) from two secrets.
Add Share – use this to safely add new permissions for View, Edit or Share for a group or user. It will not affect their existing permissions. So if a user has View, Edit and you just Add Share ‘View’ then they will still have View and Edit.
Edit Share – use this option to replace permissions for certain users or groups. There is currently a bug that prevents you from removing all permissions for a user or group but that will be fixed in the next release.
NOTE: The Edit Share does not show existing permissions on your selected secrets. We have struggled with how to make such a user interface make sense since some of your secrets will have some permissions and some won’t. It seems difficult to know how to present this in a way that isn’t confusing. If you have any ideas – please post them to the forums.
Leave a reply →