RE: Using thycotic secret server to serve up oracle passwords

From: Matt Adams <MAdams_at_TroverSolutions.com>
Date: Wed, 23 Mar 2016 12:26:59 +0000
Message-ID: <8ff5f058a436462aa16b9ae2dbefa564_at_wpvl1dag02.hcrec.com>



I’ve been using KeePass for years for both personal and profession password management. It’s an excellent utility. Unfortunately, it doesn’t really handle multiuser environments and doesn’t have programmatic access via an API. We need something that can do both.

Matt

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Mladen Gogala Sent: Tuesday, March 22, 2016 5:58 PM
To: oracle-l_at_freelists.org
Subject: Re: Using thycotic secret server to serve up oracle passwords

There is also an open source solution called KeePass, that I've seen used quite a few times. Looks better than Excel and is cheaper, too.

On 03/22/2016 04:50 PM, MJ Mody wrote:
Hey Matt,
Our IS Security group recently procured this software for enterprise-wide password management and auditing. It is better than saving passwords in spreadsheet called password.xlsx only to allow malware to act on threat vector. Initial DBA objection was in light of oracle key vault which in later phase integrates key management with database. Nonetheless, we are in the process of importing all passwords into software and extending capabilities with powershell. From bc/dr perspective, we use double-take which has powershell capabilities as well. Looking to see how to better integrate failover/failback scripts. Side note, Oracle SEPS (secure external password store) may be an option to 'remove oracle passwords from automated jobs/shell scripts'.

Hope this helps

On Mar 22, 2016, at 2:38 PM, Matt Adams<MAdams_at_TroverSolutions.com<mailto:MAdams_at_TroverSolutions.com>> wrote: If anybody on the list has ever used the Thycotic Secret Server java console api to remove oracle passwords from automated jobs/shell scripts and would like to share their experiences (and perhaps answer a question or two), I’d love to hear from you….on-list or off-list, either is fine with me.

Matt Adams

  • This communication may contain privileged and/or confidential information. If you are not the intended recipient, you are hereby notified that disclosing, copying, or distributing of the contents is strictly prohibited. If you have received this message in error, please contact the sender immediately and destroy any copies of this document. ****

--

Mladen Gogala

Oracle DBA

Tel: (347) 321-1217
**** This communication may contain privileged and/or confidential information. If you are not the intended recipient, you are hereby notified that disclosing, copying, or distributing of the contents is strictly prohibited. If you have received this message in error, please contact the sender immediately and destroy any copies of this document. ****

--

http://www.freelists.org/webpage/oracle-l Received on Wed Mar 23 2016 - 13:26:59 CET

Original text of this message