Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Passwords 7.5.2 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Adding a partition

It is the responsibility of the Asset Administrator to add partitions to Safeguard for Privileged Passwords. When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. For more information, see Setting a default profile..

To add a partition

  1. Navigate to Asset Management > Partitions.
  2. Click  New Partition from the toolbar.
  3. In the Partition dialog, enter the following information:
    1. Name: Enter a unique name for the partition. Limit: 50 characters.

    2. Description: (Optional) Enter information about this partition. Limit: 255 characters.

  4. Click OK to save the partition.

When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. You can:

Adding assets to a partition

Use the Assets tab on the Partitions view to add one or more assets to a partition. When you assign an asset to a partition, all the accounts associated with that asset are assigned to that partition, as well.

You can only assign an asset to one partition at a time. When you assign an asset to a partition, all accounts associated with that asset are automatically reassigned to that partition, as well. Then, any new accounts you add for that asset are automatically assigned to that partition.

You can reassign the asset to another partition either from the scope of the other partition or from an asset's General properties. For more information, see Assigning an asset to a partition..

When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About profiles..

To add assets to a partition

  1. Navigate to Asset Management > Partitions.
  2. In Partitions, select a partition from the object list and click Edit.
  3. Open the Assets tab.
  4. Click  Add Asset from the details toolbar.
  5. On the Select assets to add to partition dialog, select one or more assets.
  6. Click Select Assets.

If you do not see the asset you are looking for and are an Asset Administrator, you can create it in the dialog by clicking  New Asset. For more information, see Adding an asset.

Adding an account to a partition

On the web client, use the Accounts tab on the Partitions view to add an account to a partition.

You can manage tasks and services on a domain controller (DC) asset. For more information, see Using a domain controller (DC) asset..

To add an account to an asset

  1. Navigate to Asset Management > Partitions.

  2. Select a partition and click View Details.

  3. Open the Accounts tab.

  4. Click New Account from the details toolbar.
  5. In the Select the asset for the new account dialog, select an asset to associate with this account then click Select Asset.

  6. In the New Account dialog, enter the following information:

    • On the General tab:

      • Name:

        • Local account: Enter the login user name for this account. Limit: 100 characters.
        • Directory Account: Browse to find the account.
      • Description: (Optional) Enter information about this managed account. Limit: 255 characters.

    • On the Management tab:

      • Enable Password Request: This check box is selected by default, indicating that password release requests are enabled for this account. Clear this option to prevent someone from requesting the password for this account. By default, a user can request the password for any account in the scope of the entitlements in which they are an authorized user.

      • Enable Session Request: This check box is selected by default, indicating that session access requests are enabled for this account. Clear this option to prevent someone from requesting session access using this account. By default, a user can make an access request for any account in the scope of the entitlements in which they are an authorized user.

      • Available for use across all partitions (Only available for some types of directory accounts): When selected, any partition can use this account and the password is given to other administrators. For example, you can use this account as a dependent account or a service account for other assets. Potentially, you might have assets that are running services as the account, and you can update those assets when the service account changes.If not selected, partition owners and other partitions will not know that the account exists. Although archive servers are not bound by partitions, you must select this option for the directory account for the archive server to be configured with the directory account. You must also select this option to use the directory account as a service account when configuring an email server.

  7. Click OK.

Removing assets from a partition

You cannot remove assets from a partition.

You can reassign the asset to another partition either from the scope of the other partition or from an asset's General properties. For more information, see Assigning an asset to a partition..

When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About profiles..

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen