tdr.css
April 22nd, 2019, 03:35 PM
Hello,
We have a situation where we would like to restrict a user from accessing all passwords, except a few.
We generally have two types of users, Trusted and Untrusted. Trusted are people who have been with the company a long time and have access to all passwords (these are sysadmins in CommitCRM).
This is what is working so far (please let me know if there was a simpler way to do this):
* We assigned a token called UNTRUSTED to the untrusted user
* We assign a token to every account we have, titled TRUSTED. (Account security settings - User must have at least one) [Since our trusted users are sysadmins, they have access to all tokens and are able to see these account passwords.]
* For the accounts we want an Untrusted user to have access to, we apply the UNTRUSTED token to the account.
Is there a better way to have done this?
This works great, but is very hard to audit. Is there a way to dump the accounts/tokens to a file or something so we can easily audit this?
We have a situation where we would like to restrict a user from accessing all passwords, except a few.
We generally have two types of users, Trusted and Untrusted. Trusted are people who have been with the company a long time and have access to all passwords (these are sysadmins in CommitCRM).
This is what is working so far (please let me know if there was a simpler way to do this):
* We assigned a token called UNTRUSTED to the untrusted user
* We assign a token to every account we have, titled TRUSTED. (Account security settings - User must have at least one) [Since our trusted users are sysadmins, they have access to all tokens and are able to see these account passwords.]
* For the accounts we want an Untrusted user to have access to, we apply the UNTRUSTED token to the account.
Is there a better way to have done this?
This works great, but is very hard to audit. Is there a way to dump the accounts/tokens to a file or something so we can easily audit this?