  • Conventions for Naming Secrets

    When first adding Secrets to your Secret Server account, one of your questions might be, “What should I name my Secrets?” This is a great question, and one that we recommend every new Secret Server customer think about. Secret names should be descriptive, but should not reveal any sensitive data. One option for Administrators to ensure Secrets are easily identifiable in Reports and in searches is to use naming requirements, for example UserNameDeviceName. Whatever naming convention you choose, it will simplify your experience in the long term.

    Once you create a naming convention, you will want to be able to enforce it. Secret Server can use Regex to validate a Secret name upon creation, which ensures that Secret names match the desired pattern. Naming patterns are assigned by Secret Template.

    For this example, we’ll walk you through the steps to set naming rules for a Secret Template, using the Windows Server 2008 R2 Local Admin Account Template. First, visit Administration > Secret Templates. Next, select the Windows Account and click Edit. The current Template configuration and fields will appear, and then you will want to click Change. Now, you can enter Regex. For this example, we want all Secrets using this Template to be named the following: admincomputername-PC

    To enforce our chosen naming pattern we will use the following Regex: ^admin\w+-PC$

    Now you can set the Error Message that will appear when users attempt to create a Secret with a name that does not match your chosen pattern. In this case, we’ll have the error message say “Secret Name must be admincomputerName-PC”.
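To check candidate names against the pattern before enforcing it on a Template, here is an added example (not from Secret Server or the original post). It uses Python's `re` module and assumes Secret Server's regex engine treats this pattern the same way for these inputs; the `explain` and `audit` helpers and the sample names are constructed for illustration.

```python
import re

# Pattern and error message as given in the article.
NAME_PATTERN = re.compile(r"^admin\w+-PC$")
ERROR_MESSAGE = "Secret Name must be admincomputerName-PC"

# Constructed sample names (not real Secrets).
SAMPLE_NAMES = [
    "adminweb01-PC",       # matches
    "admin_db-PC",         # matches: \w includes the underscore
    "Adminweb01-PC",       # pattern is case-sensitive
    "adminweb01-pc",       # suffix must be upper-case -PC
    "admin-PC",            # \w+ needs at least one character
    "adminweb-01-PC",      # \w does not include the hyphen
    "adminweb01.corp-PC",  # \w does not include the dot
]


def explain(name):
    """Return None if the name matches, else the reason it is rejected."""
    if NAME_PATTERN.match(name):
        return None
    if not name.startswith("admin"):
        return "must start with lowercase 'admin'"
    if not name.endswith("-PC"):
        return "must end with '-PC'"
    middle = name[len("admin"):-len("-PC")]
    if not middle:
        return "computer name is missing"
    # Prefix and suffix are fine, so a character in the middle is not \w.
    bad = sorted({c for c in middle if not re.fullmatch(r"\w", c)})
    return "computer name contains characters outside \\w: " + " ".join(map(repr, bad))


def audit(names):
    """Map each non-compliant name to the reason it would be rejected."""
    return {n: r for n in names if (r := explain(n)) is not None}


if __name__ == "__main__":
    for name, reason in audit(SAMPLE_NAMES).items():
        print(f"{name}: {ERROR_MESSAGE} ({reason})")
```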
