Out of the box Safes

The following Safes are created upon deployment of Privilege Cloud.

General Safes

Safe

Description

PVWAConfig

This Safe contains all the configuration settings for the Privilege Cloud.

Note: Do not modify this Safe.

PVWAUserPrefs

This Safe contains the user preference settings for the Privilege Cloud.

Note: Do not modify this Safe.

PVWATicketingSystem

This Safe is used to store accounts that are used to connect to ticketing systems that are configured to work with the Privilege Cloud portal.

The following Safes are automatically created during deployment. When the first report is generated, a new folder is created for the user where the reports they generate are stored. By default, reports are created in a separate folder for each user, and each user can only access their own reports. Only users who have specifically been given access authorizations in this Safe can see all the reports.

Safe Description
PVWAReports

This Safe is specifically for reports and is created with the following configuration:

Object Level Access – Reports Safes are configured for Object Level Access.
Automatic purge – Reports Safes are configured to delete reports automatically when the object retention period expires.
Objects retention – Reports are stored in the Reports Safe for 30 days, by default.
Safe activity retention – Safe activity logs are stored in the recording Safe for 90 days, by default.

PVWATaskDefinitions

This Safe contains all the reports that were saved and/or scheduled by users.

PVWAPublicData

This Safe contains the help documents that can be accessed from the Privilege Cloud portal.

Privilege Cloud Connector Safes

The following Safes are created when you deploy the Connector.

CPM Safes

During installation the following Safes are created for the CPM:

Safe Description

PasswordManager Safe

This Safe contains the CPM.ini file, which includes the main CPM settings, and the ADConfiguration.xml file where auto-detection parameters are configured.

<CPM name>_workspace Safe

This Safe is used for internal processing and should not be accessed by users. The default size of this Safe is 5000 MB.

The name of this Safe contains the CPM name. By default, it is called ‘PasswordManager_workspace’.

<CPM name>_info Safe

This Safe is used to store notifications about theCPM’s activities. The PVWAAppUser is automatically added to this Safe so that it can read platform names and details, and display them in the Privilege Cloud portal.

The name of this Safe contains the CPM name. By default, it is called ‘PasswordManager_info’.

<CPM name>_ADInternal

This Safe is used for internal processing during auto-detection activities and should not be accessed by users.

The name of this Safe contains the CPM name. By default, it is called ‘PasswordManager_ADInternal’.

PasswordManagerShared Safe

This is an internal Safe that is used as a repository of platforms for all CPMs. The default size of this Safe is 500 MB.

During installation and upgrade, Privilege Cloud Admins group is automatically added to all of the above Safes with all Safe member authorizations. However, if this group does not have all of the authorizations, the upgrade procedure does not update them.

PSM Safes

During installation, the following Safe is created for the PSM environment:

Safe Description
PSM Safe This Safe contains the password of the unique PSM user.

The following group is automatically added as an owner of this Safe:

Group Description
PSMAppUsers

This group is added with the following permissions:

List accounts
Retrieve accounts

Accounts for the PSM users created on the PSM server machine are created in this Safe with the following names:

Account Description

PSMServer

Account properties specify the user name, PSMConnect, and the IP address of the PSM machine.

PSMAdmin

Account properties specify the user name, PSMAdminConnect, and the IP address of the PSM machine.

In an environment where multiple PSM servers are installed, each PSM service has its own unique PSM user. Passwords for these users are stored in the PSM Safe. In order to identify the password for each PSM service, its name includes the PSM host name identification.

See alsoManage Safes