Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Passwords 7.5.2 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Search box

The search box can be used to filter the data being displayed. When you enter a text string into the search box, the results include items that have a string attribute that contains the text that was entered. This same basic search functionality is also available for many of the detail panes and dialogs, allowing you to filter the data displayed in the associated pane or dialog.

When searching for objects in the object lists, an attribute search functionality is also available where you can filter the results, based on a specific attribute. That is, the search term matches if the specified attribute contains the text. To perform an attribute search, click the icon to select the attribute to be searched.

Rules for using the search functionality:

  • Search strings are not case-sensitive. Exception: the Approvals and Reviews searches are case sensitive.
  • When you click on the search icon in the search bar you will see a drop down of available search attributes (columns) for the grid. This can be used in conjunction with the entered search strings.

    Some of the search attributes will also have an arrow to expand subsearches. These subsearches have pre-defined search strings.

  • By default, results are displayed in alphabetical order.
  • Wildcard searches are allowed.
  • Try using quotes and omitting quotes. As you use the product, you will become familiar with the search requirements for the search fields you frequent. Safeguard may perform a general search (for example, omits quotes) or a literal search (for example, includes quotes). Example scenarios follow:

    • On Appliance Management > Search, search strings must be an exact match because a literal search is performed. Do not add quotes or underlines. For example, from the Settings pane, enter password rule to return Safeguard Access > Local Password Rule. If you enter "password rule" or password_rule, the following message is returned: No matches found.
    • On the Users pane search box, you can use quotes in an attribute search if there are spaces in the search name. For example, entering the following in the search box Username: "ab misc2" returns: AB misc2.

  • When multiple search strings are included, all search criteria must be met in order for an object to be included in the results list. In the web client, if conflicting attributes are entered for the same search (for example, both true and false) then the results will expand to show all matches so long as they fit one of those attributes.
  • When you combine a string search and an attribute search, the order they are entered into the search box matters. The attribute searches can be in any order, but the string search must come after the attribute searches.
  • To search using dates and times in the web client, the following format is used: YYYY-MM-DDThh:mm:ss. For example, if you are searching for an entitlement that expires December 1, 2021 then you would use the following search: ExpirationDate:2021-12-01. To include a minimum and maximum value in a search, use .. to separate two values. For example, if you are searching for an entitlement that expires between December 1, 2021 and December 3, 2021 then you would use the following search: ExpirationDate:2021-12-01..2021-12-03.

To search for objects or object details

  1. Enter a text string in the Search box. As you type, the list displays items whose string attributes contain the text that was entered.

    Examples:

    • Enter T in the search box to search for items that contain the letter "T".
    • Enter sse to list all items that contain the string "sse," (such as "Asset").

    NOTE: The status bar along the bottom of the console shows the number of items returned.

  2. To clear the search criteria, click the button in the search box.

    When you clear the search criteria, the original list of objects is displayed.

You can also Search by attribute.

Search by attribute

The attributes available for searching are dependent on the type of object being searched. The search drop-down menu lists the attributes that can be selected.

API attributes can be searched

The drop-down menu lists a limited number of attributes that can be searched; however, you can perform an attribute search using the English name of any attribute as it appears in the API (for example, searching on Display Name would be DisplayName: <My Display Name>). Nested attributes can be chained together using a period (.). To see a list of all the attributes, see the API documentation. For more information about the API, see Using the API.

Entering the search string

  1. Click the icon and select the attribute to be searched.

    The selected attribute is added to the search box. For example, if you select Last Name then LastName: is added to the search box.

  2. In the search box, enter the text string after the colon in the attribute label.

    You can specify multiple attributes, repeating these steps to add an additional attribute to the search box. Do not add punctuation marks, such as commas or colons, to separate the different attributes. When multiple attributes are included, all search criteria must be met in order for an object to be included in the results list. In the web client, if conflicting attributes are entered for the same search (for example, both true and false) then the results will expand to show all matches so long as they fit one of those attributes.

    As you type, the list displays items whose selected attributes contain the text that was entered.

    NOTE: The status bar along the bottom of the console shows the number of items returned.

  3. To clear the search criteria, click the button.

    When you clear the search criteria, the original list of objects are displayed.

Exporting data

Throughout the web client, when an Export button appears above a table it indicates that the data appearing in the table can be exported as either a JSON or CSV file.

To export data

  1. Navigate to the page displaying the information to be exported. For example, if you want to export user information in order to see who can log into the product then you would navigate to the Users page.
  2. (Optional) Apply filters or search criteria to the displayed data.
  3. Click the Export button.
  4. On the export dialog, select CSV or JSON. Different information may be available depending on your selection. For example, when the data covers an array of information then the CSV will only report the number of items in the array whereas the JSON will contain the full list. This can be seen when exporting Account Groups data; the CSV will show the number of accounts in a group, but the JSON will show all of the information for all the accounts in a group.
  5. Click Fields to open the Export Fields dialog where you can select which fields to include in the report. The Export Fields dialog will be prepopulated with the selections made during the last export of data from the page.
  6. Click OK to save your selection.
  7. Click Sort By to open the Export Sort Order dialog where you can select the order in which to sort the previously selected fields. This allows you to organize the exported data according to your needs.
    • Add Sort Order: Use this button to add additional fields by which to sort the data.
    • Clear All Sort Orders: Use this button to clear all selected fields.
    • Drag up or down to change the sort order: When you have multiple sort orders, click and hold this icon with your cursor then drag the selected sort order to whichever spot in the list you want.
    • Order By: Use this drop-down to select a field by which to sort the data. Additional drop-downs are added using the Add Sort Order button. The Order By fields will be prepopulated with the selection(s) made during the last export of data from the page.
    • or Change Sort Direction: Clicking this button changes the sort direction for the field. For example, if you have selected FirstName in the Order By drop-down and as the sort direction, your exported data will order the results in alphabetical order based on FirstName.
    • : Clicking this button removes the associated Order By selection.
  8. Click OK to save your selection.
  9. Selecting the Limit Results check box displays the Number of results to include field which is used to limit the number of results that will be included in the exported file. The Number of results to include field will be prepopulated with the selection made during the last export of data from the page.
  10. Click Export.

Home page

Click Home to go to the home page. The Home page can be tailored to your role by allowing you to show or hide many of the tiles that can be displayed. For example, the page displays tiles for My Requests, Approvals, and Reviews, where each tile contains the number of tasks and their status, such as Available, Denied, Revoked, or Pending, and also the number of tasks Due Today.

For some administrator users, additional tiles for Appliance Resources, Cluster Status, Access Request Activity, Account Automation, and Running Tasks can also be displayed.

All users can choose to read the Message of the Day that the Appliance Administrator sets. For more information, see Message of the Day.

To set the displayed tiles on your home page, click Settings. The opening side sheet allows you to toggle the display of any of the tiles available to your role.

For Requesters

All users of Safeguard for Privileged Passwords have the right to submit an access request, if they have been assigned to an entitlement. A requester user can hide all tiles on the home page except for the My Requests and Most Recently Used Favorites. To submit an access request, see the following for more information:

After an access request has been submitted, the user can click the My Requests tile to view the requests awaiting action. For more information, see:

The Most Recently Used Favorites tile shows a list of up to 5 of your most recently used favorite requests.

For Approvers

An approver can be added to an access request policy to approve or deny an access request made by another user. An approver can hide all tiles on the home page except for the Approvals, unless the user is also responsible for other roles. For more information on approving access requests, see:

For Reviewers

A reviewer can be added to an access request policy to review completed access requests. A reviewer can hide all tiles on the home page except for the Reviews, unless the user is also responsible for other roles. For more information on reviewing access requests, see:

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen