Rights on folders

Hi Lars,

It's not possible to do that with Hub. It's a design decision in order to keep performance in check, to encourage vault segregation and to keep permissions simple. Initially, Hub did not support permissions on folders; it was added last year.

With DVLS, you can revoke permissions on given folders like requested here.

Have a good day!

Hi

Thank you for your reply.
I just tried adding a new vault, but am I correct in, that I can't link a connection from one vault to a credential from another vault?

I think I might need to get back to DVLS instead, as I feel that one vault with folder permissions is the simple choice in my use case.

Regards.

Hi Lars,

That is correct, the only exception right now is the user vault. From a shared vault, you can link to a user vault. It will actually perform a search on the user's vault by name for the entry.

Have a good day!

Hi,

is there any plan that Hub will get a feature like that ? We have exactly the same situation in our environment and want to move to Hub.

BR,
Thomas

Hi Thomas,

As explained above, there's currently no plans for such feature. We typically recommand creating a new vault for entries with restricted access.

Have a good day!

Just to piggy back - I'm going from Devolutions Online DB to Password Hub Business and am brainstorming on how to set up the hierarchy.

With the legacy security and online DB - it was a big folder structure with nested folders and inherited permissions. I created "vaults" - in a way by creating a new folder, adding permissions and then using the "shortcut" feature to populate the folder with connections.

I'm looking for 20,000 feet advice on how to set this up

Does password hub allow any nesting? Should I think of vaults like folders? I'm having trouble picturing a use case for how this can be setup.

Example:

Default Vault - everyone has access (except marketing)
Entry 1
Entry 2
Entry 3

Marketing Vault (permissions for marketing group)
Entry 3

If I want marketing group only to see Entry 3, Do I have to duplicate Entry 3 in each vault? There must be a simpler way to do this as I know you guys have been thinking about it for a while since ODB legacy security groups.

Thanks in advance

Hello,

Yes you have to Duplicate the Entry if in a different Vault.
.
Create different vault is the best practice But if you want to share entry between team , we understand this use case.
l will bring this subject in our feature request review backlog.

Keeping the access restrictive on the vault, user now can request Temporary access, ( this is a new feature from the last update version). It can be useful for those restricted user within a Vault . If they need a shared entry they can request access.

If you would like to know more about this feature don't hesitate to ask services@devolutions.net

Have a great day.

The shared connection issue is definitely a step back - when I could create a shortcut to a connection into different vaults, I only have to update the one connection should I need to change it.

Otherwise it seems the only option is to have shared connections in the Default Vault and Specfific ones in separate vaults. Honeslty this is much less practical as my teams share different connections and i like being able to set it up so when they login, they only see the connections that they use / have permission to see.