BeyondTrust Password Safe

BeyondTrust Password Safe is an enterprise password manager software which ensures complete control and accountability over all privileged (and non privileged) accounts within an organization.

Through this integration it will be possible to perform a Discover using privileged credentials managed by password safe.

Requirements

BeyondInsight 22.X and later.
Linux Control Center 2.0 and later.

BeyondTrust Password Safe Configuration

The instructions on how to integrate Linux Control Center with BeyondTrust Password Safe are present in the Integrations menu. The BeyondTrust integration must be configured before using the BeyondTrust Passwor Safe flag in the Discover task.

Create a Discover

The Managed Account used in the Integration menu must exist in the Managed Systems for authentication in Discover perform correctly.

The Discover method using the BeyondTrust Password Safe flag basically acts as a credential fallback. Therefore, if the credentials attached to the Scan fail to authenticate on all target hosts, with the BeyondTrust Password Safe option enabled it will look for the Assets through Password Safe API and compare them with the target Hosts passed in the CIDRs field. If successful, it will use the retrieved credentials from the configured Managed Account.

To perform a Discover Configuration go to Discover tab and click on ADD.
Fill the required fields such as Discover Name, Credentials, CIDRs and Ports. Check the BeyondTrust Password Safe flag is enabled and click Save.
Select the created Discover object using the checkbox next to the Discover name and click on Actions button, select the Run Discover Option.
A new job is created in Worker Queue with the "Discover LCC" action. Look on Request Data and view the BeyondTrust Password Safe fields which will be used for Discover if the default credentials come to fail.
After BeyondTrust Password Safe validating the asset, the Linux Control Center will start a new job with the "Photograpy" action, in which Discover will search for users, services, packages and then import the host into the Linux Control Center Hosts. Go to Hosts menu to verify the imported hosts with the BeyondTrust authentication method.

PreviousLinux Control Center Discover NextHost Actions

Last updated 10 months ago

BeyondTrust Password Safe Configuration

The instructions on how to integrate Linux Control Center with BeyondTrust Password Safe are present in the Integrations menu. The BeyondTrust integration must be configured before using the BeyondTrust Passwor Safe flag in the Discover task.

Create a Discover

The Managed Account used in the Integration menu must exist in the Managed Systems for authentication in Discover perform correctly.

To perform a Discover Configuration go to Discover tab and click on ADD.

Fill the required fields such as Discover Name, Credentials, CIDRs and Ports. Check the BeyondTrust Password Safe flag is enabled and click Save.

Select the created Discover object using the checkbox next to the Discover name and click on Actions button, select the Run Discover Option.

A new job is created in Worker Queue with the "Discover LCC" action. Look on Request Data and view the BeyondTrust Password Safe fields which will be used for Discover if the default credentials come to fail.

After BeyondTrust Password Safe validating the asset, the Linux Control Center will start a new job with the "Photograpy" action, in which Discover will search for users, services, packages and then import the host into the Linux Control Center Hosts. Go to Hosts menu to verify the imported hosts with the BeyondTrust authentication method.