Limit Platforms to Specific Safes

This topic describes how to use the AllowedSafes parameter to restrict platforms to accounts stored in specific Safes.


Target account platforms can be restricted to accounts stored in specific Safes. This feature is especially relevant if you implement the reconciliation functionality to prevent automatic reconciliation being performed on every Safe and giving unauthorized users access to passwords.

In large-scale environments, it is very important to enable the CPM to focus its search operations on specific Safes, instead of scanning all Safes it is allowed to see in the Vault.

Limit a platform to a specific safe

  1. In the list of supported target account platforms, select the platform that you want to modify, and then click Edit.

    The Target Account platform settings page appears.

  2. Expand Automatic Password Management, and then select General.

    The list of General properties is displayed.

  3. In the AllowedSafes parameter, specify the name(s) of the Safe(s) where this platform is used. The default value is .*, which allows the platform to be applied in all Safes.


    This field is limited to 700 characters.

    For example, to limit this platform to Safes called ‘LinuxPasswords’ and ‘AIXPasswords’, specify:



  4. Do one of the following actions:

    • Click Apply to save the new configurations and apply them immediately.

    • Click Save to save the new configurations and apply them after the period of time specified in the RefreshPeriod parameter.