Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Passwords 6.9 - User Guide

Introduction System requirements and versions Search box Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests About us

Privileged access requests

One Identity Safeguard for Privileged Passwords provides a workflow engine that supports time restrictions, multiple approvers, reviewers, emergency access, and expiration of policy. It also includes the ability to input reason codes and integrate directly with ticketing systems.

In order for a request to progress through the workflow process, authorized users perform assigned tasks. These tasks are performed from the user's Home page in the desktop client or web client.

As a Safeguard for Privileged Passwords user, your Home page provides a quick view to the access request tasks that need your immediate attention. In addition, an Administrator can set up alerts to be sent to users when there are pending tasks needing attention. For more information, see Configuring alerts.

The access request tasks you see on your Home page depend on the rights and permissions you have been assigned by an entitlement's access request policies. For example:

  • Requesters see tasks related to submitting new access requests, as well as actions to be taken once a request has been approved (for example, viewing passwords, copying passwords, launching sessions, and checking in completed requests).

    Requesters can also define favorite requests, which then appear on their Home page for subsequent use. This can be done from either the desktop client or web client:

  • Approvers see tasks related to approving (or denying) and revoking access requests.
  • Reviewers see tasks related to reviewing completed (checked in) access requests, including playing back a session if session recording is enabled.

The following three workflows are available:

Configuring alerts

All users are subscribed to the following email notifications; however, users will not receive email notifications unless they have been included in a policy as a requester (user), approver, or reviewer.

  • Access Request Approved
  • Access Request Denied
  • Access Request Expired
  • Access Request Pending Approval
  • Access Request Revoked
  • Password was Changed
  • SSH key was Changed
  • Review Needed

Toast notifications may also appear on your console when the desktop client application is not the active foreground application.

Toast notifications

Toast notifications are alerts that appear on your console when the desktop client application is not the active foreground application. For example, a toast notification may display when you are in another application or when you have minimized the One Identity Safeguard for Privileged Passwords desktop client.

(desktop client) To enable toast notifications

  1. In the desktop client, open  Settings (desktop client).
  2. Select the Enable Toast Notifications check box.

NOTE: When you select the Run in the System Tray check box, you cannot modify the toast notifications option because in that mode, you always get notifications.

Email notifications

You must configure One Identity Safeguard for Privileged Passwords properly for users to receive email notifications:

  • For Local users, you must set your email address correctly in the desktop client, My Account. For more information, see User information and log out (desktop client).
  • For Directory users, set your email correctly in the directory where your user resides.
  • Contact your Security Policy Administrator to ensure the access request policies are configured to notify people of pending access workflow events.
  • Contact your Appliance Administrator to ensure the SMTP server is configured for email notifications.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen