LastPass Enterprise Admins now have the option of directly placing a site in a user's vault through our new Push Sites to User feature. This feature is helpful when you would like to pre-populate a site in a user's vault so the user will have this site to use upon his or her first login to LastPass. Push Sites to Users is also helpful when used to push SAML specific URLs to services you have linked to your Enterprise to using LastPass SAML.
Admins should note that Push Sites to Users is a much different feature than Shared Folders. Push Sites to users places the site entry directly into a user's vault, rather than in a central folder accessible to all as with Shared Folders. Once pushed, a site cannot be removed from a user's vault by the Admin, as it is in the individual's vault like any other site entry the user may have saved. When considering which sites to push to users, please remember that you cannot remove this site at a later time.
Another unique aspect of Pushed Sites is that due to how the technology behind pushing sites works, any data you elect to push to your users is accessible on LastPass servers in unencrypted form until the data is pushed to a user. Once pushed to a user, the data will leave the LastPass server and be encrypted in the user's individual vault. This is NOT the case with Persistent Pushes, which will stay on the LastPass server until deactivated or deleted. For more information on Persistent Pushes please see below.
How to Push Sites to Your Users
To push sites to your users, first login to your Enterprise Admin Console, and navigate to the Setup Tab. From there, you will see a sub-heading for Push Sites to Users. Once clicking the sub-heading, you will see a straightforward menu on what information to fill out when pushing sites to users:
The first option you have when pushing sites to users is to upload a CSV file containing the relevant site and username data that you'd like to push. To download a sample CSV and learn the format and information needed to do this, use the Sample CSV file provided.
The second option to use is to manually fill out the site data that you'd like to push to your users. To do this, you need to fill out this key information:
- User(s): Select the User or User Groups you'd like to push the site to. You can also select to push to All current and future users in the Enterprise, or all current and future members of a User Group.
- URL: The URL of the site entry that you'd like to push
- Name: The name you would like the site entry to have in the users' vaults
- Group: The name of the group you'd like this site to be added under in the users' vaults
- Username: The username the users will utilize to login to the site. You can select to have this be the individual's full email address that is used as their LastPass account name, ONLY the username portion of their email, OR a custom username you manually enter
- Password: The password that will be used to login to the individual site
- Notes: Any notes that you would like to be entered into the notes portion of the site entry
- Favorite: Designate whether or not you'd like this site to be marked as a Favorite in users' vaults
Once you are have filled out this relevant information, you can now push the site to your user(s)!
Persistent Site Pushes
Persistent site pushes are when you have elected to push a site to a group of users or All users. LastPass will keep this site information on our servers and push to any new users that are added to the User Group or your Enterprise at large (in the case of All). This will occur until you manually delete or deactivate the persistent push. When you elect to use a persistent push, this means the data is accessible to LastPass. Due to how pushing sites works, this data is not in its encrypted form when waiting to be pushed. Only upon entering the Vault will the data become encrypted using the users' encryption keys. You can remove or delete persistent shares by viewing your previously pushed sites.
Previously Pushed Sites
At the top of the Push Sites to Users page is a link to view a log of previously pushed sites. This link takes you to a view of ALL previously pushed sites. This is where you can deactivate or remove persistent pushes.
This page shows the name of the pushed site, which users or user groups it was pushed to, whether or not it was persistent, and whether or not the push is still active. You can take three actions on this page regarding the previously pushed sites:
- Details: Viewing Details shows the individual users that had the site pushed to them.
- Deactivate: Hitting deactivate prevents persistent pushes from being pushed to new users. This effectively turns the persistent push "off." Sites can be re-activated at a later time to be "re-pushed" to any new users that have been added since the push was deactivated.
- Delete: This permanently deletes the pushed site from the system. PLEASE NOTE: This will not remove the site entry from the individuals' vaults, but only the push from the LastPass servers.
If you have any more questions on pushing sites to users, please contact our support team for more information.