Info
KeePass Hub
J. User Administration
Privilege Elevation and Security Zones
Privilege Elevation
Security Zones
Sitemap
Info  >  KeePass Hub  >  J. User Administration  >  Privilege Elevation and Security Zones  >  Security Zones Page last modified Apr 02 2022, 20:44

Security Zones

See why customers enjoy using Pleasant Password Server with a KeePass client

(Versions 7.9.7+, Enterprise+)

Zones are secured areas of Password Server which require elevated access.

  • Zones can include items that may be restricted, such as: folders / entries, or admin settings
  • Users will elevate their session to access a Zone - which grants them access to the permissions available in that zone

Managing Zones

Zones can be managed through the Users and Roles > Zones page. The actions for the zones are detailed below. This page can be viewed by users who have any of the following permissions:

  • Administer Permissions
  • Administer Zones: View Only
  • Administer Zones: Create Zones
  • Administer Zones: Update Zones
  • Administer Zones: Delete Zones
  • Administer Zones: Set Users and Roles to Zone

 Security Zones

 

Creating a Zone

In order to create a zone, the user must have the "Administer Zones: Create Zones" permission. To create a zone, click the Add New Zone button.

  Create a security zone

  • Name: The name of the zone. (required)
  • Description: A description of the zone, used to describe what the zone is intended to be used for. (optional)

Updating a Zone

In order to update a zone, the user must have the "Administer Zones: Update Zones" permission. Under Actions, select Edit Zone, which will allow the name and description of a zone to be changed.

Deleting a Zone

In order to delete a zone, the user must have the "Administer Zones: Delete Zones" permission. Under Actions, select Delete Zone, then confirm that you wish to delete the zone.

Setting Zone Permissions

In order to set a zone's permissions, the user must have the "Administer Permissions" permission. Under Actions, select Set Permissions. Click the checkboxes beside the permissions to choose which ones you want to add or remove from the zone. Note that a user cannot remove the "Administer Permissions" permission from a zone if their session is currently elevated into that zone.

  Set Zone permissions

Setting a Zone's Users and Roles

In order to set the users and roles on a zone, the user must have the "Administer Zones: Set Users and Roles to Zone" permission. Under Actions, select Set Users and Roles. Note that a user cannot remove themselves from a zone if their session is elevated into it.

  Add users and roles to a Zone

Adding Access for a Zone on a Folder or Entry

To add zone access on a folder or entry, right-click on the folder or entry and select User Access, which is demonstrated here. Zones are now an option for creating access for, which works the same way as it does for Users and Roles.

Assign Zone Access