Enable Administrator Access to SecretStore
If you check the Enable Administrator Access to SecretStore check box, a Novell®
SecretStore® administrator can unlock a user's SecretStore. This
is useful when a user forgets a password.
Although the SecretStore administrator can unlock a user's SecretStore, that administrator can't read the user's passwords. Unlocking a user's SecretStore only lets the logged-in user regain access to passwords after a SecretStore lock. (A SecretStore lock occurs when an administrator changes a user's eDirectoryTM password.)
SecretStore Administrator List
The SecretStore Administrator List identifies users who can unlock SecretStore.
A SecretStore administrator should not have "normal" network administrator rights. This caution prevents the administrator from resetting the user's password (as admin), unlocking the user's SecretStore (as SecretStore administrator), logging in as the user (with the reset password), and reading secrets.
To avoid bypassing enhanced protection, the two-administrator feature must be split between two or more administrators (one eDirectory administrator, one SecretStore administrator).
To add a SecretStore Administrator:
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For more information, see Legal Notices.