Manually Importing Local Accounts

Importing local accounts is the process of bringing in discovered local accounts for management by Secret Server:

  1. Click Administration button on the side bar. The Secrets Administration page appears.

  2. Click the Discovery link in the Configuration > General section. The Discovery Sources tab of the Discovery page appears.

  3. Click the Network View button, which is not the same as the Network View tab. The Discovery Network View page appears. This page shows the computer accounts that have been found by Discovery. Clicking a domain name in the domain tree on the left displays the OUs available in that domain. Clicking on an OU displays the computers in that OU in the search grid.

    By default, this process uses the Import All discovery account rule.

  4. Click a domain in the tree. The tree expands to show the domain's OUs.

  5. Click an OU from that domain. The table on the right populates with the computers in that OU.

  6. Click to select the computer accounts you want to import. Only accounts that have been assigned a secret can be selected. In fact, that is largely what import does—takes a discovered computer account and assigns it a secret so that Secret Server can manage it.

  7. Select or fill in the scan template, secret type, folder for the new secrets, secret naming convention, and site (if this discovery uses distributed engines).

  8. Click the Next button. The Password tab of the wizard appears.

  9. Choose whether you have existing passwords for the accounts or wish to create new ones. If you choose the latter you can choose whether you want to manually create the new passwords or automatically create them based on the secret template's password settings.

    Remote password changing must be enabled to change the password. If that is the case, you will not see any selection buttons and a message appears instead.

  10. Click the Next button. The Initial Takeover tab of the wizard appears.

  11. If you chose to change the passwords, you need to select secrets to provide the initial password to do so—otherwise, discovery cannot access the account to change the password.

  12. Click the Next button. The Password Changing tab of the wizard appears.

  13. Select whether you want to use a secret credential or a privileged account to change the password in the future.

  14. Click the Finish button. The final page of the wizard appears, and your choices are applied.

  15. When the operation is complete, click the Close button. The Network View page reappears.

  16. You can now see that the accounts you selected have secrets associated with them. You can click the secret name to go to that secret, which should indicate a successful heartbeat was conducted.