Access Key
On the Connection tab, you can configure Safeguard for Privileged Passwords to authenticate to a managed system using an access key.
Table 63: Access Key authentication type properties
Service Account | Enter an account for Safeguard for Privileged Passwords to use for management tasks. For more information, see About service accounts.
Access Key ID | Enter the unique identifier that is associated with the secret key. The access key ID and secret key are used together to sign programmatic AWS requests cryptographically. Limit: 32 alphanumeric characters
Secret Key | Enter a secret access key used to cryptographically sign programmatic Amazon Web Services (AWS) requests. Limit: 40 alphanumeric characters; the + and the / characters are also allowed.
Test Connection | Click this button to verify that Safeguard for Privileged Passwords can log in to this asset using the service account credentials you have provided. For more information, see About Test Connection.
Port | Enter the port number to log in to the asset.
Connection Timeout | Enter the connection timeout period. Default: 20 seconds
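The following added example (not Safeguard for Privileged Passwords code) checks the two values against the limits in Table 63 and then shows how AWS Signature Version 4 uses them together: the access key ID is sent in clear text in the Authorization header, while the secret key only seeds an HMAC chain and is never transmitted. The function names are hypothetical, the limits are assumed to be maximum lengths, and the sample credentials are the placeholder values used in AWS documentation.

```python
import hashlib
import hmac
import re

# Field limits as stated in Table 63 (assumption: treated as maximum lengths).
ACCESS_KEY_ID_RE = re.compile(r"[A-Za-z0-9]{1,32}")
SECRET_KEY_RE = re.compile(r"[A-Za-z0-9+/]{1,40}")

def field_errors(access_key_id, secret_key):
    """Return a list of format problems found in the two values."""
    errors = []
    if not ACCESS_KEY_ID_RE.fullmatch(access_key_id):
        errors.append("Access Key ID: expected up to 32 alphanumeric characters")
    if not SECRET_KEY_RE.fullmatch(secret_key):
        errors.append("Secret Key: expected up to 40 characters from A-Z, a-z, 0-9, + and /")
    return errors

def _hmac(key, msg):
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()

def sigv4_authorization(access_key_id, secret_key, date, region, service,
                        signed_headers, string_to_sign):
    """Build a SigV4 Authorization header value for a prepared string-to-sign."""
    # The secret key only seeds this HMAC chain; it never appears on the wire.
    k_date = _hmac(("AWS4" + secret_key).encode("utf-8"), date)
    k_region = _hmac(k_date, region)
    k_service = _hmac(k_region, service)
    k_signing = _hmac(k_service, "aws4_request")
    signature = hmac.new(k_signing, string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()
    # The access key ID travels in clear text so AWS can look up the matching secret.
    scope = f"{date}/{region}/{service}/aws4_request"
    return (f"AWS4-HMAC-SHA256 Credential={access_key_id}/{scope}, "
            f"SignedHeaders={signed_headers}, Signature={signature}")

# Constructed sample input: placeholder credentials from AWS documentation, not real keys.
SAMPLE_ID = "AKIAIOSFODNN7EXAMPLE"
SAMPLE_SECRET = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
# Constructed string-to-sign; a real one ends with the hash of the canonical request.
SAMPLE_STS = ("AWS4-HMAC-SHA256\n20150830T123600Z\n20150830/us-east-1/iam/aws4_request\n"
              + hashlib.sha256(b"constructed request").hexdigest())

if __name__ == "__main__":
    print(field_errors(SAMPLE_ID, SAMPLE_SECRET))
    print(sigv4_authorization(SAMPLE_ID, SAMPLE_SECRET, "20150830", "us-east-1",
                              "iam", "host;x-amz-date", SAMPLE_STS))
```

Because the secret key's character set is a superset of the access key ID's, only one direction of a swapped entry is caught by the format check: a secret key pasted into the Access Key ID field is rejected, but an access key ID pasted into the Secret Key field is not.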
None
When the asset's Authentication Type on the Connection tab is set to None, Safeguard for Privileged Passwords does not manage any accounts associated with the asset and does not store asset related credentials.
All assets must have a service account in order to check and change the passwords for the accounts associated with the asset.
Select the Auto Accept SSH Host Key option to have Safeguard for Privileged Passwords automatically accept the SSH host key when it creates the archive server. For more information, see Adding an archive server.
Attributes tab (add asset)
The Attributes tab is used to add attributes to directory assets, including Active Directory and LDAP. For more information, see Adding identity and authentication providers.
IMPORTANT: Some Active Directory attributes are fixed and cannot be changed.
Table 64: Active Directory and LDAP: Attributes tab
Users
Object Class | Default: user for Active Directory, inetOrgPerson for LDAP. Click Browse to select a class definition that defines the valid attributes for the user object class.
User Name | sAMAccountName for Active Directory, cn for LDAP
Password | userPassword for LDAP
Description | description
Groups
Object Class | Default: group for Active Directory, groupOfNames for LDAP. Click Browse to select a class definition that defines the valid attributes for the group object class.
Name | sAMAccountName for Active Directory, cn for LDAP
Member | member
Computer Attributes
Object Class | Default: computer for Active Directory, ipHost for LDAP. Click Browse to select a class definition that defines the valid attributes for the computer object class.
Name | cn
Network Address | dNSHostName for Active Directory, ipHostNumber for LDAP
Operating System | operatingSystem for Active Directory
Operating System Version | operatingSystemVersion for Active Directory
Description | description
Checking an asset's connectivity
After you add an asset, you can verify that Safeguard for Privileged Passwords can log in to it using the Check Connection option.
Note: When you run Test Connection from the asset's Connection tab (such as when you add the asset initially), you must enter the service account credentials. Once you add the asset to Safeguard for Privileged Passwords, it saves these credentials.
The Check Connection option does not require that you enter the service account credentials because it uses the saved credentials to verify that it can log in to that asset.
To check an asset's connectivity
- Navigate to Administrative Tools | Assets.
- Select an asset in the object list then right-click to open the asset's context menu.
- Choose the Check Connection option.
Safeguard for Privileged Passwords displays a Toolbox task pane that shows the results.