Remote Support Integration with Secret Server

Third-party vendors create and maintain this integration. Delinea does not guarantee that the integration will work properly or that it respects Delinea product limitations. Delinea has not reviewed this integration and Delinea Support staff can only assist with the Delinea side of setup.

BeyondTrust is a secure remote support solution that helps IT professionals quickly and securely access and fix any remote device anywhere, on any platform, with a single solution. It provides secure access, ease of use, and scalability.

BeyondTrust's Remote Support plugin integration to Delinea Secret Server enables automatic password injection to authorized systems through encrypted BeyondTrust connections, removing the need to share and expose credentials to privileged accounts. In addition to machine-specific credentials, the integration also allows to retrieve domain credentials that are not machine-specific, giving domain admins and other privileged users access to those credentials for use on endpoints on a domain.

The integration between BeyondTrust and Delinea enables:

  • One-click password injection and session spawning.

  • Credentials never exposed to authorized users of BeyondTrust.

  • Access to systems on or off the network with no preconfigured VPN or other routing in place.

  • Passwords always stored securely in Delinea Secret Server.

The BeyondTrust Endpoint Credential Manager (ECM) enables the communication between Delinea Secret Server and BeyondTrust Remote Support. The ECM is deployed to a hardened Windows Server inside the firewall, typically in the same network as Secret Server. Once the ECM is deployed, BeyondTrust users see a list of administrator-defined credentials for the endpoints they are authorized to access. A set of these credentials can be selected when challenged with a login screen during a Remote Support session and the user is automatically logged in, having never seen the username/password combination.

Delinea Secret Server handles all elements of securing and managing the passwords, so policies that require the password to be rotated after use are supported. BeyondTrust Remote Support handles creating and managing access to the endpoint and then recording the session and controlling the level of access granted to the user, including what the user can see and do on that endpoint.

This integration works only with Secret Server Cloud and is not compatible with the Delinea Platform (Secret Server on the Delinea Platform).

This third-party integration does not natively support the Delinea Platform (Secret Server on the Delinea Platform). Once upgraded to the Delinea Platform, the integration will continue to function properly as long as the application account used for the integration remains in Secret Server. Once fully upgraded to the Platform service account model, the existing integration will no longer work with Secret Server on the Delinea Platform as all identity data will be moved to the Delinea Platform and will no longer be maintained in Secret Server.

To learn more about this third-party integration, click here.