Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

I am looking for an \"enterprise password management\"/password vault suite, alo

ID: 660802 • Letter: I

Question

I am looking for an "enterprise password management"/password vault suite, along the lines of Thycotic's Secret Server. (We're evaluating password management/password vault solutions for our enterprise, and my boss would like me to evaluate at least two products.)

What we need is a way to share passwords within the IT department (at least), and then manage them as people join or leave. We were using a password protected spreadsheet, until we "upgraded" to KeePass (a lateral move, really). With thousands of passwords, I'm simply not willing to go through what we had to do last time a sysadmin left, which was "change all the passwords in the environment. NOW!!!"
I have four requirements:

Must support encryption of the entire database/collection
From above, even an Excel spreadsheet or SharePoint site supports this, so easy requirement.
Must allow granular access control to entries or groups of entries
Must be able to restrict a particular password or grouping/folder/etc. to a specified person or group of people.
For example, credentials for accounts with domain admin rights can only be viewed by the domain admins, but the network gear credentials can only be viewed by the network admins.
Must not be cloud-based, as in it must be something we can install on our servers, as well as access and manage internally.
Not negotiable, due to management (rather than technical) concerns about the cloud and some other company potentially having access to our passwords and such.
Can import data from standard data formats (xml, csv, xls(x) or KeePass)

Highly desirable features are:

AD/LDAP integration
Easy auto-logon/one-click-logon (or ability to integrate with something that does
For example, ability to launch SSH client and auto-logon from a stored router password, or ability to launch RDP and logon to a Windows server from a stored Windows server password.
Ability to change passwords from within the application
Ability to expire or track expiration within the application
For compliance reason, we have to change the passwords on many of our service accounts at certain intervals, and I would like to track this within our password management suite.
Templates/ability to handle other data types
Credit cards and vendor support PINs, for example.
Ability to create password templates
Auditing user activity
Reporting (who has access to what)

I have no particular preference regarding (F)OSS or proprietary solutions, and not much concern to price - cheaper is better, but better is much better than cheaper.

Explanation / Answer

I've worked in a large cloud infrastructure firm that used ManageEngine Password Manager Pro for this purpose.

All of the feature requests you have are covered by the functionality of this suite.

Related Questions

I am looking for a collaborative real-time writing IDE that can be installed in
Question #657646
I am looking for a design for my application, here are the players(classes) invo
Question #653174
I am looking for a desktop photo organizer that provides the following two funct
Question #660648
I am looking for a detailed and well presented answer. Organize your work and th
Question #302155
I am looking for a digital asset management web application software. We are pla
Question #660659
I am looking for a fair voting system, where more options are available, and use
Question #657680
I am looking for a form builder solution that will allow rapid form development
Question #660516
I am looking for a framework or another path for integrating Django and JavaScri
Question #657676

Navigate

Previous
I am looking for an Office suite that can work with MS Office files that does no
Next
I am looking for an algorithm that shows the exact coefficients some variables t

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.