Managing Secrets

SecretStore Manager lets users perform basic maintenance tasks on the SecretStore. SecretStore Manager is not intended to be a primary interface to single sign-on functionality. However, it is a relatively simple-to-use tool that can help you manage SecretStore.

To use SecretStore Manager, run ssmanager.exe. For the Novell SecureLogin 3.5 release, this file is in the secstore\tools\utils directory.

SecretStore Status (ssstatus.exe) is the light version of SecretStore Manager.

Adding a Secret

1. At the SecretStore Manager main dialog box, click Options > Add Secret.

   You can also press Insert.

2. Provide a secret identifier.

3. Provide and confirm a secret.

4. (Optional) Check the Add Enhanced Protection check box, then click OK.

   For information about enhanced protection, see Using Enhanced Protection.

Editing a Secret

1. In the SecretStore Manager main dialog box, click Options > Edit Secret.

2. Make changes, then click OK.

   If the secret is a shared secret, you can't edit it.

Editing a secret in SecretStore Manager does not change the application's password.

Removing a Secret

1. In the SecretStore Manager main dialog box, select a secret identifier from the Secret Identifier box.

2. Click Options > Remove Secret > Yes.

   You can also use the Delete key.

To quickly remove all test secrets from the Secret Identifiers box, click Tests > Remove All Test Secrets.

Unlocking a Secret

1. From the SecretStore Manager main dialog box, select the locked secret.

2. Click Options > Unlock SecretStore.

3. Type and confirm the previous NDS^® password, then click OK.

4. Follow the on-screen prompts.

You can also use the Unlock feature in ConsoleOne.

1. In ConsoleOne, right-click the User object, then click Properties.

2. Select the Novell SecretStore tab, then click SecretStore > Unlock.

   The Unlock feature unlocks all secrets that are locked because of a network administrator changing a user's eDirectory password.

   Only those secrets that were created with enhanced protection have the ability to be locked. See Using Enhanced Protection. You are prompted to enter the previous eDirectory password. If you cannot provide the password, the secret remains locked. You must then delete and re-create the secret.

Viewing a Secret

1. In the SecretStore Manager main dialog box, select a secret identifier.

2. Click View > View Secret.

3. Confirm that you are in a secure area by clicking Yes.

You can also view a secret by doing either of the following:

• Select a secretID, then press Enter.
• Double-click a secretID.

Viewing a Secret's Status

You can find out the following information about the status of a secret:

• Whether the secret is locked
• Whether the secret has enhanced protection
• When the secret was created
• When the secret was last accessed
• When the secret was last modified
• Who modified the secret

To view a secret's status:

1. At the SecretStore Manager main dialog box, select a secret identifier.

2. Click Info > Secret Status.