Account Restrictions

Applying user-based account restrictions

PreviousUsing LDAP with a database NextConnection Protocols

Last updated 24 days ago

Was this helpful?

Account Restrictions

Applying user-based account restrictions

User Management in Keeper Connection Manager

Keeper Connection Manager offers flexible user management capabilities that allow administrators to control access, apply account restrictions, assign permissions, and configure connection visibility for individual users or groups.

Accessing User Settings

To manage user accounts:

Log in to your Keeper Connection Manager instance as an administrator.
Navigate to the Settings tab.
From here, you can create new users or edit existing ones.

Account Restrictions

When configuring a user account, the following restrictions can be applied:

Login Disabled: Prevents the user from logging in to the system.
Password Expired: Forces the user to reset their password at next login.
Allow Access After: Grants access starting at a specific date and time.
Do Not Allow Access After: Prevents access after a specific date and time.
Enable Account After: Activates the user account at a scheduled time.
Disable Account After: Deactivates the account after a scheduled time.

Keeper Secrets Manager

Individual users can be assigned a specific Keeper Secrets Manager configuration, allowing the user to use credentials from their vault for establishing privileged sessions to any target. See the Multiple Vaults Integration page for more info.

User and Group Permissions

Permissions can be granted at the individual user level or inherited from a user group. Available permissions include:

Administer System: Full administrative rights over the instance.
Create New Users: Ability to create and manage user accounts.
Create New User Groups: Ability to create and assign user groups.
Create New Connections: Permission to define new connection entries.
Create New Connection Groups: Ability to group related connections.
Create New Sharing Profiles: Manage sharing templates and permissions.
Change Own Password: Allows users to update their own credentials.

Group Assignments and Connection Access

Users can be assigned to one or more groups, inheriting the group’s permissions and restrictions.

In addition, administrators can assign:

Specific Connections: Restrict the user to a defined set of connections.
All Connections: Grant access to all available connections in the environment.

Keeper Connection Manager provides flexible user management options that include account restrictions, administrative permissions and connection targets.

PreviousUsing LDAP with a database NextConnection Protocols

Last updated 24 days ago

Was this helpful?

User Management in Keeper Connection Manager

Accessing User Settings

To manage user accounts:

Log in to your Keeper Connection Manager instance as an administrator.
Navigate to the Settings tab.
From here, you can create new users or edit existing ones.

Account Restrictions

When configuring a user account, the following restrictions can be applied:

Login Disabled: Prevents the user from logging in to the system.
Password Expired: Forces the user to reset their password at next login.
Allow Access After: Grants access starting at a specific date and time.
Do Not Allow Access After: Prevents access after a specific date and time.
Enable Account After: Activates the user account at a scheduled time.
Disable Account After: Deactivates the account after a scheduled time.

Keeper Secrets Manager

User and Group Permissions

Permissions can be granted at the individual user level or inherited from a user group. Available permissions include:

Administer System: Full administrative rights over the instance.
Create New Users: Ability to create and manage user accounts.
Create New User Groups: Ability to create and assign user groups.
Create New Connections: Permission to define new connection entries.
Create New Connection Groups: Ability to group related connections.
Create New Sharing Profiles: Manage sharing templates and permissions.
Change Own Password: Allows users to update their own credentials.

Group Assignments and Connection Access

Users can be assigned to one or more groups, inheriting the group’s permissions and restrictions.

In addition, administrators can assign:

Specific Connections: Restrict the user to a defined set of connections.
All Connections: Grant access to all available connections in the environment.

Keeper Connection Manager provides flexible user management options that include account restrictions, administrative permissions and connection targets.