Database  Properties

The Properties dialog window contains general information about a selected database. You can access it by selecting a database in the Databases area and clicking Properties. The dialog title displays the name of the selected database.

General

The General tab shows basic information about the selected database:

  • File type: Displays the type of the database file (e.g., PSWE Database).
  • Size: Shows the file size of the database in bytes.
  • Modified: Displays the date and time of the last modification.
  • Comments: The Comments field displays the description or comment for the database. You can use this field to store additional notes about the database.

Active connections

The Active connections list shows all users and groups that currently have the database open. The list contains the following columns:

  • Name: The name of the connected user or group.
  • Type: The server roles assigned to the user.
  • Department: The department to which the user is assigned.
  • Description: The description of the user or group.
  • Time: The time of the connection.

Click the Refresh button to update the current view.

Use the Disconnect button to disconnect a selected user from the database. This action is only available to server administrators.

Database Administrators

On the Database Administrators tab, all user accounts that are defined as administrators for the selected database are listed. Only the users shown here are allowed to manage this database.

  • Account: Displays the username of the database administrator.
  • Full name: Shows the full name of the respective user.
  • Email: Displays the stored email address of the user.
  • Department: Indicates the department to which the user is organizationally assigned.

Select Add to choose a user from the list that opens. Click OK to add the user as a database administrator. Select a user and choose Remove to revoke the user's role as database administrator. By clicking Clear, you can remove all users from the list.

HINT: The accounts listed here must also have the Database administrator role in order to manage the database in the Server Manager.

Database Supervisors

On the Database Supervisors tab, all user accounts that are defined as supervisors for the selected database are listed. The users entered here can approve or reject requests for sharing secrets as well as for breaking seals within this database.

  • Account: Displays the username of the supervisor.
  • Full name: Shows the full name of the respective supervisor.
  • Email: Displays the stored email address of the supervisor.
  • Department: Indicates the department to which the supervisor is organizationally assigned.

Select Add to choose a supervisor from the list that opens. Click OK to add the user as a database supervisor. Select a user and choose Remove to revoke their role as database supervisor. By clicking Clear, you can remove all users from the list.

Enable the Server Supervisors have the same rights regarding the database option to also use the supervisors defined at the server level for this database, in addition to the database-specific supervisors listed above. This option can only be changed by the server administrator.

HINT: Whether approval by a supervisor is required for sharing secrets is configured in the server policies for Shared Secrets.

Advanced

The Advanced tab allows you to configure advanced settings for security, monitoring, and custom icon management for the selected database.

NOTE: The Database Properties are supposed to provide basic information about a database in general. Detailed rights management, however, can only be carried out in the Permissions area.

Security

Encrypt Database on Server with:

Here you can encrypt your server databases with an additional password. By default all server databases are encrypted with the super administrator's password which means that the super administrator can automatically manage all databases available on the server as soon as they access the Server Manager.

In some cases, however, the super administrator or other server administrators should not be allowed to access and manage all server databases by default. If so, further configuration is needed and we therefore recommend encrypting the server databases with an additional password. Click Change settings to start:

The dialog window Change Database encryption settings opens. Open the drop-down menu Encrypt Database on Server with and select the option Custom password (Permissions management requires verification). You will be asked to enter a new password and confirm it next. Finally, click OK to finish.

If you save changes, the selected database is encrypted with an additional password. From this point onwards, accessing the database properties and permissions and thus, database management in general will only be possible if the custom password is known and entered correctly. Other users with additional server roles who may also have access to the Server Manager can only access such databases and their properties if they know about the additional password.

If you would like to change the custom password at a later point in time, enter the database's current custom password to open its properties. In the Advanced tab click Change settings next. Enter the old custom password first and enter a new password afterwards. Click OK to save the new custom password. If you would like to delete the custom password, select the option Administrator password (Automatic access to permissions management) from the drop-down menu and enter the current custom password into the corresponding field afterwards. Finally, click OK to finish. The additional custom password for further database encryption is then restored to the super administrator's password which means that from this point onwards no custom password is needed or has to be entered if server administrators would like to manage the database's permissions or properties.

WARNING: Caution when using this feature! Please only set an additional custom password for database encryption if it is really needed because there is no option of resetting or restoring those additional custom passwords if server administrators forget them. As a consequence, you cannot open the properties and permissions of the affected database and database management will not be possible anymore if the custom password gets lost. Therefore, please only use this feature if really needed and if so, please keep the additional custom password safe.

NOTE: For more information about this feature, please visit our support portal: How to protect Enterprise Server databases from unauthorized access by the server administrator.

Monitor and log all cases of user access to entries

This option allows you to track and log every instance of user access to the entries in Password Depot Enterprise Server. By enabling this feature, you can maintain a detailed record of user activities, which can help enhance security and accountability within your organization.

When this option is enabled, the eye icon for revealing a password in plain text will disappear in the client's details area on the right. Background: This is the only way for server administrators to monitor and log every access on server entries in detail. For more information about this feature, please visit our support portal:

Where can I find the "eye" icon for revealing passwords in plain text?

Users must specify a reason when deleting an entry

Enabling this option requires users to provide a reason for deleting an entry in the Password Depot Enterprise Server. This added layer of accountability can help prevent unauthorized or accidental deletions, as well as provide valuable information for auditing and tracking changes within the system.