Secret Server Feature


Use Active Directory Integration for Controlled Authentication
Quickly roll out access to Secret Server by granting access to domain users and security groups.

The challenge

Managing groups and logins in another application adds significant overhead for administrators. Grant access to Secret Server without recreating accounts and manually managing groups.

Why it's important

Many organizations invest heavily in Active Directory to ensure users have a single identity across the organization. Leveraging your existing Active Directory groups and logins reduces management overhead and improves adoption because it’s one less password for admins to remember.

How we solve it

Secret Server’s Active Directory integration enables users to sign in with their normal domain account to gain access to privileged accounts, such as their domain administrator credential.

AD integration makes it easy to roll Secret Server out to an IT Department, and by assigning access based on security groups you won’t have to manually grant permissions every time a new admin needs access. Then, enforce security best practices by adding two-factor authentication to Secret Server to prevent unauthorized access.

Additional Information

Active Directory integration

Active Directory integration gives administrators a simple and effective way to automatically grant and revoke access to Secret Server with tools and policies that are already in place. By granting rights based on domain security groups you can ensure that when a user changes roles in a company their rights in Secret Server can change appropriately.

Integrated Authentication (ADFS)

Microsoft also provides additional single sign on and security options that Secret Server can leverage. With Integrated Windows Authentication or ADFS you can provide Single Sign On (SSO) to Secret Server to simplify a user’s day to day.

There may be some cases where Active Directory isn’t feasible due to separation of duties, or environments under tight control and there is no domain. In those situations, Secret Server does have its own user and group store and capabilities, and group membership changes can be delegated across teams to limit overhead.

Regardless of which user authentication methodology is right for your environment, you will be able to make use of SAML for SSO—a feature available with Secret Server Professional and Premium editions—and two-factor for enhanced security.

Secret Server Hosting

Security Solutions as a service.
Maximize your password security,
Minimize your security risks.