Secret Server - Secret Template Compendium

Summary

The Secret Template Compendium gives a comprehensive view of all secret templates available for use within Delinea Secret Server.

Body

Purpose

The purpose of the Secret Template Compendium is to provide an easily navigable and understandable point of reference for the various templates available within Delinea Secret Server.

Template types:

 

Template Scope

Individual secret templates are created for specific use-cases. For example, an “Active Directory Account” template will contain fields, launchers, and settings that are specifically designed for managing an Active Directory account. Likewise, a “Software License” template will contain a different set of fields and settings. Additionally, this template type would not use a launcher.

Secret templates may be separated by security controls in place as well. Templates created for these security controls will have their security control listed within the title of the template itself. The “Active Directory” account template contains a High Risk, Privileged, and a Shared version. Each of these are their own templates and should be selected based on the level of security control that this account requires. Some folders within Secret Server will only permit specific templates. High Risk folders, for example, only accept High Risk templates.

 

Launchers

Additional launchers can be added to secret templates per request. However, these launchers are added to the template itself, which will add a launcher to every secret that uses that template. Secrets that get bloated with launchers may be separated into different templates to keep things tidy. If this happens, any necessary secrets can be “migrated” to a different template type from the secret’s details screen.

 

Available Secret Templates

 

High Risk Templates

Title Password Expiration Time Performs RPC? Contains Launchers? Available Launchers
NU - High Risk - Active Directory Account 365 Days Yes Yes Remote Desktop
NU - High Risk - Linux Account (SSH) 365 Days Yes Yes SSH
NU - High Risk - Web Password 365 Days No Yes Web Password Autofill
NU - High Risk - Windows Local Account 365 Days Yes Yes Remote Desktop

 

LastPass Import Templates

Title Password Expiration Time Performs RPC? Contains Launchers? Available Launchers
NU - LastPass Import - Database Account Never No No None
NU - LastPass Import - Generic Secret Never No No None
NU - LastPass Import - Server Never No No None

 

Privileged Secret Templates

Title Password Expiration Time Performs RPC? Contains Launchers? Available Launchers
NU - Privileged - Active Directory Account 1 Day Yes Yes
  • Remote Desktop
  • Application Launch
NU - Privileged - Linux Account (SSH) 1 Day Yes Yes
  • SSH
NU - Privileged - Windows Local Account 1 Day Yes Yes
  • Remote Desktop

 

Shared Secret Templates

Title Password Expiration Time Performs RPC? Contains Launchers? Available Launchers
NU Account PIN None No No None
NU Active Directory Account 365 Days Yes Yes

Web Password Autofill

Remote Desktop

NU Amazon IAM Key 365 Days Yes No None
NU Aruba Switch Account 365 Days Yes Yes

SSH

SecureCRT Remote

NU Azure AD Account 365 Days Yes Yes Web Password Autofill
NU BeyondTrust Account w/ OTP 365 Days Yes Yes

Web Password Autofill

Application Launch

NU Certificate 398 Days No No None
NU Database Account 365 Days Yes Yes

Application Launch

Web Password Autofill

NU DevOps Secrets Vault Client Credentials None No No None
NU Events Active Directory Account 365 Days Yes No None
NU Generic Secret 365 Days No Yes Web Password Autofill
NU iDRAC Account None No No None
NU Linux Account (SSH Key Rotation - No Password) 365 Days Yes Yes SSH
NU Linux Account (SSH) 365 Days Yes Yes SSH
NU OAuth API Account 365 Days No Yes Web Password Autofill
NU Palo Alto Firewall Local Account None Yes Yes

SSH

Web Password Autofill

NU Product License Key None No No None
NU Secret Server Service Account 30 Days Yes No None
NU SecureCRT 365 Days No Yes

Remote Desktop

SecureCRT Remote

NU SQL Server Account 365 Days Yes Yes Application Launch
NU SSH Key 365 Days No No None
NU Web Password 365 Days Yes Yes Web Password Autofill
NU Windows Local Account 365 Days Yes Yes Remote Desktop

Back to top

Details

Details

Article ID: 296
Created
Fri 5/17/24 4:26 PM
Modified
Fri 8/2/24 5:25 PM

Related Articles

Related Articles (3)

Delinea Web Password Filler (WPF) is a browser extension that connects to a user's Secret Server vault to automatically enter login credentials to specific websites.
This article explains the basics of creating, editing, and sharing secrets within Secret Server.
Folders in Secret Server allow you to organize your secrets into logical groups and control access through permissions assigned to the folders. This article gives an overview of how shared folders are created and used.

Related Services / Offerings

Related Services / Offerings (1)

Privileged Access Management (PAM) is a security solution that helps organizations manage and monitor privileged user access to critical systems and sensitive data. It helps prevent unauthorized access and reduce the risk of insider threats.