16. Self Service

The Self-Service feature allows you to specify individual computers that a user will have permission to retrieve the Administrator password for.

If a user has Self Service computers assigned to them, they will receive an additional menu item (note: if the user has no other Active Directory permissions, then the Browse button will not be available to them).

Computers can be assigned to users in one of two ways when setting up Self Service for that user/group:

1. By manually and individually adding the computers,
2. By enabling one of the options in the Managed by tab.

The latter option will allow the user (or users if the OVERLAPS user is a group) to access the passwords for computers which they are individually identified as the owner of through the Active Directory “Managed By” option.

For more information about setting up Self Service users/groups, see Managing a User’s Self Service Computers.

When they log in, or click Self-Service menu button, the user will be shown their list of Self-Service computers and a button for displaying the current Local Administrator password.

All the user needs to do is click the View Password button to display that computer’s password.

If the Self Service user has the option checked to require Authorisation, then they will follow the same procedure as regular users requiring Authorisation (see Requesting Permission to Access a Password).

If the Self-Service access granted to the user has an expiry date and time, this will be displayed to the user.