We're a large IT group and we have multiple subsidiaries using a central passwordstate vault. Each subsidiary have it's own set of internal ou customers accounts / password / servers / ...
We manage the segmentation on passwords using folders (advanced or standard permissions models) or lists: each team have its own root folder and manage their subfolders and lists inside. So people from team A cannot see passwords from team B unless they've been granted for.
However, hosts are not manageable in the same way. No segmentation is possible for adding / deleting / editing hosts. So if someone from Team A add an host, people from Team B can remove this host. Each team needs to be fully autonomous for managing hosts, so we cannont centralize host insertion or edition to a central Team.
We could like to have an host segmentation (per folder maybe ?) so if someone create an host in group / folder "A", only people that would have been admin rights grandted on that group can add / edit / remove it.
We would like to have the ability to have Reset Status, Heartbeat Status and Password Last Updated for a particular password through API.
Our MSP activity team need that in order to integrate all failed password reset or out sync password status into their global monitoring dashboard (Grafana)
This could be added as a new field in the JSON reponse from "GET /winapi/passwords" request.
YannR got a reaction from Don in Host Segmentation and permission
YannR got a reaction from Max in Heartbeat and Reset Status querying from API