Define General Settings in Vault
Among the general settings in Vault, there are certain settings you should configure to be sure Vault functions properly.
- Go to Administration > Settings > General.
- Review and configure the following general settings for time limits, specials characters, the URL for your Vault instance, case numbers, and syslog audits.
- Time to inactivate unused user
- Available Special Characters
Set the global inactivity expiration threshold (days) for Vault users. For example, if a user has not logged into Vault for 30 days, you may wish to automatically prevent that user from having the ability to log in. The default setting is 0, which disables user inactivity timeout.
Set the non-alphanumeric characters that may be used in Vault passwords.
Note: The Available special characters setting can be overwritten by criteria assigned within a password template.
- Timeout for inactive sessions
- Externally accessible URL
- Allow all SSL Certificates in Remote Service Connections
Set the expiration time period for Vault user session inactivity. For example, if a user is logged into Vault and is not actively using Vault for a certain amount of time, the system logs them out.The default setting is 10 minutes, but time-out may be set anywhere from 5 to 60 minutes.
The URL of your Vault site.
Check to enable SSL certificate validation for remote services. It is recommend you enable this setting after remote services have been configured to leverage a valid SSL certificate, or after copying the root certificate information into the trusted root store for a self-signed certificate.
- Skip Approval
Set the number of hours (1 - 99) to wait for workflow approval before Vault automatically takes action.
Choose whether Vault automatically rejects or accepts a workflow item if not approved in the time designated in the timeout setting.
Check the box to enable the sending of email notifications to designated administrators or credential owners whenever a workflow approval is skipped. Then, choose who receives the email notifications: System administrators, Credential administrators, and/or Credential owner.
- Show image after: _failed login attempts
Bomgar Vault uses Captcha for secure logging of Vault users. Specify the number of times an incorrect password may be entered by a Vault user before Vault displays a Captcha image that must be entered correctly before login.
- Time for automatic check in
- Number of passwords to store
- Time to store each password
- Next incident number
Set the number of hours that credentials may be available for check out
Set the number of passwords Vault archives for each user. The default setting is 30.
Set the number of days to maintain the password history. If a user attempts to change a password to one of the historically saved passwords, the attempt fails. If you do not want to maintain a password history, enter the value 0 to disable the setting.
If enabled, the Incident number field on the Check-out Credential page increases incrementally each time a credential is checked out. This setting aids in management and reporting.
Email server configuration
- SMTP Server
- From address for email
- Ignore email server timeouts
- Authentication required
- Domain\user or e-mail: Enter the username/domain name or email address needed for authentication.
- Password: Enter the password needed for authentication.
- SSL/TLS: Check the box if the SMTP server requires a secure connection.
Enter the name of the email server that sends workflow notification emails.
Enter the email address from which workflow notification emails are sent.
Enter the port number of the SMTP server that sends workflow notification emails.
Check the box to restrict email forwarding in case of an SMTP server timeout. Enable this setting to prevent duplicate emails from being sent.
Check the box if the SMTP server requires authentication to send notification emails. If checked, complete the following fields:
- Synchronize directories
- Synchronization time
Check the box to automate synchronization between Vault and its associated directories.
Enter the time interval in minutes for each synchronization between Vault and its associated directories.