Chat now with support
Chat mit Support

Safeguard Remote Access Hosted - Administration Guide

Introduction Prerequisites Limitations Getting started Administrator-side use cases User-side use cases Appendix Glossary

Starting the One Identity Safeguard Remote Access trial

To start the One Identity Safeguard Remote Access trial

  1. From the One Identity Starling home page (https://www.cloud.oneidentity.com/) click Sign in to Starling.

  2. Navigate to Services.

  3. Under Starling Remote Access, click Trial

    Figure 3: Services > Trial - Starting the One Identity Safeguard Remote Access trial

  4. Select Your Location and click Confirm.

    The One Identity Safeguard Remote Access trial appears under your My Services list. You can monitor your trial expiration date here.

  5. Click the One Identity Safeguard Remote Access trial.

Configure One Identity Safeguard for Privileged Sessions

This section describes the various settings and policies that you must configure in One Identity Safeguard for Privileged Sessions (SPS) to join the appliance to One Identity Starling and integrate with One Identity Safeguard Remote Access (SRA).

The configuration pages referenced in this section are applicable to the web interface of SPS and are written in bold. For example, Basic Settings > Network.

Configuring Usermapping policy

In a typical One Identity Safeguard Remote Access (SRA) use case, the end-user and the user on the (target) server are different. The end-user is identified by their email address and the server user is typically identified by an administrative account name like root or Administrator. One Identity Safeguard for Privileged Sessions (SPS) does not allow different end-user (called gateway user in SPS) and server user by default in a connection. Therefore, you must apply a Usermapping policy on the Connection policy.

To create a new Usermapping policy

  1. Navigate to Policies > Usermapping policies.

  2. Add a new policy (Username on the server and Groups).

Example: Creating a new Usermapping policy

As an example, the following policy allows any kind of user mapping.

  • Username on the server: *

  • Group: all

Figure 4: Policies > Usermapping policies - Creating usermapping policies

For more information on HTTPS proxy setting, refer to the One Identity Safeguard for Privileged Sessions Administration Guide or part of it in Configuring usermapping policies in the Appendix.

Configuring a Credential store

Configuring a credential store is an optional step for both RDP and SSH connection policies.

To enable password-less login to target servers

  1. Create a local credential store.

  2. Setup login credentials to the target server.

Figure 5: Policies > Credential stores — Creating local credential stores

For more information on HTTPS proxy setting, refer to the One Identity Safeguard for Privileged Sessions Administration Guide or part of it in Configuring local Credential Stores and Using credential stores for server-side authentication in the Appendix.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen