Thycotic Sercret Server: Heartbeat

What is ‘Heartbeat’?

  • Heartbeat allows properly configured Secrets to have the entered credentials automatically tested for accuracy at a given interval.
  • Using Heartbeat on Secrets will ensure the credentials stored in Secret Server are up-to-date and can alert administrators if the credentials are changed outside of Secret Server.
  • Heartbeat helps manage Secrets and prevent them from being out of sync.

Please note: Heartbeat for Windows Accounts is not compatible for accounts on the server that is running Secret Server.  These accounts will be flagged with a status of Incompatible Host.

Enabling Heartbeat

  • Enable Heartbeat must first be turned on in the Remote Password Changing Configuration page (navigate to Administration > Remote Password Changing).
  • It must also be set on the Secret template by enabling the Enable Remote Password Changing Heartbeat setting.

Using Heartbeat

  • Heartbeat will run in a background thread to check each Secret where it is enabled.
  • If the credential test fails, the Secret will be flagged as Heartbeat Failed and out of sync.
  • To avoid locking out the account, Heartbeat will no longer run on that Secret until the Secret items are edited by the user.
  • If the machine is determined to be Unavailable, the Secret will be flagged as Heartbeat Unable to Connect and the Secret will continue to be checked on the Heartbeat interval.

Manually Use Heartbeat

To manually use Heartbeat to check the credentials:

  • The Secret View page has the Heartbeat Now button.
  • The Heartbeat Now button will mark the password as Heartbeat Pending.
  • The background thread will process the Secret in the next 10 Secrets and when the page is refreshed the Heartbeat Status will be updated.

Heartbeat Logs

The Heartbeat logs for a specific Secret can be accessed by:

  • Clicking the View Audit button on Secret View page.
  • Ticking the checkbox at the bottom of the page for Display Password Changing Log.

The Heartbeat logs for all Secrets can be accessed by navigating to:

  • Administration > Remote Password Changing > Scroll down to the second set of logs.

For more information and general guidance on our products & services, please contact us.

Require further support?

Search all Knowledgebase articles

Send a Support Request to The Idency Support Team

In good company: some of Idency's clients