Chat now with support
Chat with Support

Safeguard for Privileged Passwords On Demand Hosted - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Activity Center Search box Privileged access requests Toolbox Accounts Account Groups Assets
General/Properties tab (asset) Accounts tab (asset) Account Dependencies tab (asset) Owners tab (asset) Access Request Policies tab (asset) Asset Groups tab (asset) Discovered SSH Keys (asset) Discovered Services tab (asset) History tab (asset) Managing assets
Asset Groups Discovery Entitlements Linked Accounts Partitions Profiles Settings
Access Request settings Appliance settings Asset Management settings Tags Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings Security Policy Settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Access Request Policies tab (account)

In the desktop client, the Access Request Policies tab displays the entitlements and access request policies, including password and SSH key release policies and session request policies, associated with the selected account.

To access Access Request Policies:

  • desktop client: Navigate to Administrative Tools | Accounts | Access Request Policies.
Table 22: Accounts: Access Request Policies tab properties
Property Description

Entitlement

The name of the access request policy's entitlement.

Access Request Policy

The name of the access request policy that governs the selected account.

Accounts

The number of unique accounts in the account groups that are associated with the access request policy.

# Account Groups

The number of unique account groups in the access request policy.

Account Groups

The names of the account groups that associate the selected account with the policy.

Assets

The number of unique assets in the asset groups that are associated with the access request policy.

# Asset Groups

The number of unique assets groups in the access request policy.

Asset Groups

The names of the asset groups that associate the selected account with the policy.

Use these buttons on the details toolbar to manage your access request policies associated with the selected account.

Table 23: Accounts: Access Request Policies tab toolbar
Option Description

Add to Policy

Add the selected account to the scope of an access request policy.

Remove Selected

Remove the selected policy.

Refresh

Update the list of access request policies.

Details

View and edit details about the selected access request policy. For more information, see Creating an access request policy (desktop client).

Search

To locate a specific policy or set of policies in this list, enter the character string to be used to search for a match. For more information, see Search box.

Account Groups tab (account)

In the desktop client, the Account Groups tab displays the account groups that contain the selected account. The Account Groups tab is only available to a user with Auditor permissions.

To access Account Groups:

  • desktop client: Navigate to Administrative Tools | Accounts | Account Groups.
Table 24: Accounts: Account Groups tab properties
Property Description

Name

The account group name.

Dynamic

A check mark in this column indicates that the group is a dynamic account group.

Description

Information about the account group.

Use these buttons on the details toolbar to manage the account groups.

Table 25: Accounts: Access Request Policies tab toolbar
Option Description

Add Account Group

Add the selected account to one or more account groups.

Remove Selected

Remove the selected account group from the account.

Refresh

Update the list of account groups assigned to the selected account.

Search

To locate a specific account group in this list, enter the character string to be used to search for a match. For more information, see Search box.

Related Topics

Adding an account to one or more account groups

Dependent Assets (account)

The Dependent Assets tab only displays for a directory account and displays the assets that have dependency on the selected directory account. For more information, see Adding account dependencies.

To access Dependent Assets:

  • desktop client: Navigate to Administrative Tools | Accounts | Dependent Assets.
  • web client: Navigate to Asset Management | Accounts | (Edit) | Dependent Assets.
Table 26: Accounts: Dependent Assets tab properties
Property Description

Name

The Windows asset name.

Network Address

The network DNS name or IP address of the managed system.

Platform

The platform of the selected managed system.

Asset Partition

The partition where the Windows asset is assigned.

Use these buttons on the details toolbar to manage the dependent assets.

Table 27: Accounts: Access Request Policies tab toolbar
Option Description

Refresh

Update the list of dependent assets assigned to the selected account.

Search

To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see Search box.

Check and Change Log tab (account)

The Check and Change Log tab displays the password and SSH key validation and reset history for the selected account.

By default, the check and change log entries displayed are for the last 24 hours. On the desktop client, click one of the time intervals at the top of the grid to display log entries for a different time frame. On the web client, use the Date Range drop-down to select a time frame to display. If the display does not refresh after selecting a different time interval, click the Refresh.

To access Check and Change Log:

  • desktop client: Navigate to Administrative Tools | Accounts | Check and Change Log.
  • web client: Navigate to Asset Management | Accounts | (Edit) | Check and Change Log.
Table 28: Accounts: Check and Change Log tab properties
Property Description
User The display name of the user that triggered the event
Status

The status of the transaction:

  • Failure
  • Success
  • Queued
Reason A system message pertaining to the password and SSH key validation and reset activity, such as the password matches the asset, was changed successfully, or does not match the asset.
Type

The type of transaction:

  • Check Password
  • Change Password
  • Check SSH Key
  • Change SSH Key

NOTE: Check and Change Log only displays events that the appliance performs; that is, it only displays check and change transactions. It does not display Set Password or Set SSH Key transactions. See:

Date/Time

The date of the transaction. The time stamps for transactions are based on the user's local time.

Duration The amount of time the transaction took to complete.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating