Body
Purpose
The purpose of the Secret Template Compendium is to provide an easily navigable and understandable point of reference for the various templates available within Delinea Secret Server.
Template types:
Template Scope
Individual secret templates are created for specific use-cases. For example, an “Active Directory Account” template will contain fields, launchers, and settings that are specifically designed for managing an Active Directory account. Likewise, a “Software License” template will contain a different set of fields and settings. Additionally, this template type would not use a launcher.
Secret templates may be separated by security controls in place as well. Templates created for these security controls will have their security control listed within the title of the template itself. The “Active Directory” account template contains a High Risk, Privileged, and a Shared version. Each of these are their own templates and should be selected based on the level of security control that this account requires. Some folders within Secret Server will only permit specific templates. High Risk folders, for example, only accept High Risk templates.
Launchers
Additional launchers can be added to secret templates per request. However, these launchers are added to the template itself, which will add a launcher to every secret that uses that template. Secrets that get bloated with launchers may be separated into different templates to keep things tidy. If this happens, any necessary secrets can be “migrated” to a different template type from the secret’s details screen.
Available Secret Templates
| Title |
Password Expiration Time |
Performs RPC? |
Contains Launchers? |
Available Launchers |
| NU - High Risk - Active Directory Account |
365 Days |
Yes |
Yes |
Remote Desktop |
| NU - High Risk - Linux Account (SSH) |
365 Days |
Yes |
Yes |
SSH |
| NU - High Risk - Web Password |
365 Days |
No |
Yes |
Web Password Autofill |
| NU - High Risk - Windows Local Account |
365 Days |
Yes |
Yes |
Remote Desktop |
| Title |
Password Expiration Time |
Performs RPC? |
Contains Launchers? |
Available Launchers |
| NU Account PIN |
None |
No |
No |
None |
| NU Active Directory Account |
365 Days |
Yes |
Yes |
Web Password Autofill
Remote Desktop
|
| NU Amazon IAM Key |
365 Days |
Yes |
No |
None |
| NU Aruba Switch Account |
365 Days |
Yes |
Yes |
SSH
SecureCRT Remote
|
| NU Azure AD Account |
365 Days |
Yes |
Yes |
Web Password Autofill |
| NU BeyondTrust Account w/ OTP |
365 Days |
Yes |
Yes |
Web Password Autofill
Application Launch
|
| NU Certificate |
398 Days |
No |
No |
None |
| NU Database Account |
365 Days |
Yes |
Yes |
Application Launch
Web Password Autofill
|
| NU DevOps Secrets Vault Client Credentials |
None |
No |
No |
None |
| NU Events Active Directory Account |
365 Days |
Yes |
No |
None |
| NU Generic Secret |
365 Days |
No |
Yes |
Web Password Autofill |
| NU iDRAC Account |
None |
No |
No |
None |
| NU Linux Account (SSH Key Rotation - No Password) |
365 Days |
Yes |
Yes |
SSH |
| NU Linux Account (SSH) |
365 Days |
Yes |
Yes |
SSH |
| NU OAuth API Account |
365 Days |
No |
Yes |
Web Password Autofill |
| NU Palo Alto Firewall Local Account |
None |
Yes |
Yes |
SSH
Web Password Autofill
|
| NU Product License Key |
None |
No |
No |
None |
| NU Secret Server Service Account |
30 Days |
Yes |
No |
None |
| NU SecureCRT |
365 Days |
No |
Yes |
Remote Desktop
SecureCRT Remote
|
| NU SQL Server Account |
365 Days |
Yes |
Yes |
Application Launch |
| NU SSH Key |
365 Days |
No |
No |
None |
| NU Web Password |
365 Days |
Yes |
Yes |
Web Password Autofill |
| NU Windows Local Account |
365 Days |
Yes |
Yes |
Remote Desktop |
Back to top