立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Passwords 7.0 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Enable or Disable Services External Integration Real-Time Reports Safeguard Access
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings Reasons
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions About us

Adding users or user groups to an entitlement

When you add users to an entitlement, you are specifying which people can request passwords to the accounts governed by the selected entitlement's access request policies, or which people can request sessions for the accounts and assets governed by the selected entitlement's access request policies. A user can be a Sessions Appliance certificate user. For more information, see Session Appliances with SPS link.

It is the responsibility of the Security Policy Administrator to add users to entitlements. The Security Policy Administrator only has permission to add groups, not users. For more information, see Administrator permissions.

To add requester users to an entitlement

  1. Navigate to Security Policy Management | Entitlements.
  2. In Entitlements, select an entitlement from the list and click the Users tab.
  3. Click  Add Users or Add User Groups from the details toolbar.
  4. Select one or more users or user groups from the list in the Users or User Groups dialog.
  5. Click OK.

Deleting an access request policy

IMPORTANT: When you delete a policy, Safeguard for Privileged Passwords deletes it permanently, but it does not delete the accounts governed by the policy.

To delete an access request policy from an entitlement

  1. Navigate to Security Policy Management | Entitlements.
  2. In Entitlements, select an entitlement from the list and open the Access Request Policies tab.
  3. Select a policy.
  4. Click Delete.
  5. Confirm your request.

Modifying an access request policy

Access request polices can be migrated. For more information, see Creating an access request policy.

To modify an access request policy

  1. Navigate to Security Policy Management | Entitlements.
  2. In Entitlements, select an entitlement and open the Access Request Policies tab.
  3. Double-click a policy, or select a policy and click Edit.
  4. Select the tab of the policy's information you want to modify.

Copying an access request policy

You cannot copy a policy and add it to another entitlement; policies are entitlement-specific.

To copy an access request policy

  1. Navigate to Security Policy Management | Entitlements.
  2. In Entitlements, select an entitlement from the list and open the Access Request Policies tab.
  3. Choose a policy and click Create a New Access Policy from the Selected Row.
  4. Edit the new policy's settings as desired.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级