Move to vault permission
I've writen a script that stores service account passwords in a temp vault where the user can copy it to their own vault.
I'm admin and i have the option to move the whole entry to a different vault.
Is it possible to give the user the option to move the whole entry to their vault?
What permission do they need to get this option?
Currently running devolution server 2023.3.7.0
Untitled2.png
All Comments (7)
Hello,
The "Move to Vault" option is only visible by admins in the Devolutions Server.
Best regards,
Possible to get something similair in a new release?
Because why the option for move permissions when moving objects is not allowed for a regular user (to a different vault)
Hello,
You could achieve the same option through RDM with the copy option.
Here are the minimum permission the user need to copy the entry in RDM:
- In DVLS
- Export
- On the entry
- View password
- View sensitive information
- Edit
Best regards,
Hi,
I've just tested the proposed approach using the copy feature and everything seems to work fine. In order to preserve the access logs, I was forced to not change the ID of the entry, however. I instantly got a warning that this might cause some unforeseen issues. What are the dangers related to this?
Best regards,
Fabian
Hello,
Not changing the ID will create a duplicate entry in the database with the same ID and this could cause some issue with the reference inside the DB, it's hard to predict exactly what could happen. For example, I just tried it on my side and after deleting the copy I made it deleted both entries.
Best regards,
Hi William,
That's good to know.
Is there a way to move an entry (or copy / paste) from one vault to another while keeping the access logs, then?
Best Regards,
Fabian
Hello,
Not without the move to Vault option.
Best regards,