Define General Settings in Vault

Among the general settings in Vault, there are certain settings you should configure to be sure Vault functions properly.


  1. Go to Administration > Settings > General.
  2. Review and configure the following general settings for time limits, specials characters, the URL for your Vault instance, case numbers, and syslog audits.


General Configuration

  • Time to inactivate unused user
  • Set the global inactivity expiration threshold (days) for Vault users. For example, if a user has not logged into Vault for 30 days, you may wish to automatically prevent that user from having the ability to log in. The default setting is 0, which disables user inactivity timeout.

  • Available Special Characters
  • Set the non-alphanumeric characters that may be used in Vault passwords.

Note: The Available special characters setting can be overwritten by criteria assigned within a password template.

  • Timeout for inactive sessions
  • Set the expiration time period for Vault user session inactivity. For example, if a user is logged into Vault and is not actively using Vault for a certain amount of time, the system logs them out.The default setting is 10 minutes, but time-out may be set anywhere from 5 to 60 minutes.

  • Externally accessible URL
  • The URL of your Vault site.

  • Allow all SSL Certificates in Remote Service Connections
  • Check to enable SSL certificate validation for remote services. It is recommend you enable this setting after remote services have been configured to leverage a valid SSL certificate, or after copying the root certificate information into the trusted root store for a self-signed certificate.

Workflow configuration

  • Timeout
  • Set the number of hours (1 - 99) to wait for workflow approval before Vault automatically takes action.

  • Action
  • Choose whether Vault automatically rejects or accepts a workflow item if not approved in the time designated in the timeout setting.

  • Skip Approval
  • Check the box to enable the sending of email notifications to designated administrators or credential owners whenever a workflow approval is skipped. Then, choose who receives the email notifications: System administrators, Credential administrators, and/or Credential owner.

Login security

  • Show image after: _failed login attempts
  • Bomgar Vault uses Captcha for secure logging of Vault users. Specify the number of times an incorrect password may be entered by a Vault user before Vault displays a Captcha image that must be entered correctly before login.

Credential configuration

  • Time for automatic check in
  • Set the number of hours that credentials may be available for check out before being automatically checked back in. Multiple values, separated by commas, may be entered.

  • Number of passwords to store
  • Set the number of passwords Vault archives for each user. The default setting is 30.

  • Time to store each password
  • Set the number of days to maintain the password history. If a user attempts to change a password to one of the historically saved passwords, the attempt fails. If you do not want to maintain a password history, enter the value 0 to disable the setting.

  • Next incident number
  • If enabled, the Incident number field on the Check-out Credential page increases incrementally each time a credential is checked out. This setting aids in management and reporting.

Email server configuration

  • SMTP Server
  • Enter the name of the email server that sends workflow notification emails.

  • From address for email
  • Enter the email address from which workflow notification emails are sent.

  • Port
  • Enter the port number of the SMTP server that sends workflow notification emails.

  • Ignore email server timeouts
  • Check the box to restrict email forwarding in case of an SMTP server timeout. Enable this setting to prevent duplicate emails from being sent.

  • Authentication required
  • Check the box if the SMTP server requires authentication to send notification emails. If checked, complete the following fields:

    • Domain\user or e-mail: Enter the username/domain name or email address needed for authentication.
    • Password: Enter the password needed for authentication.
    • SSL/TLS: Check the box if the SMTP server requires a secure connection.

Directory synchronization

  • Synchronize directories
  • Check the box to automate synchronization between Vault and its associated directories.

  • Synchronization time
  • Enter the time interval in minutes for each synchronization between Vault and its associated directories.