Once you have successfully added and profiled one or more hosts, and checked them for AD Readiness, you can remotely deploy software products to them from the management console.
To install Safeguard Authentication Services software on hosts
Note: The Install Software tool bar menu is enabled when you select hosts that are profiled.
The tool bar button will not be active if:
Note: You must install the Safeguard Authentication Services Agent and the Group Policy packages.
Note: If you do not see all of these software packages, verify the path to the software packages is correctly set in System Settings. Refer to Set the Safeguard Authentication Services Client Software Location on the Server in the management console online help for details.
Note: This task requires elevated credentials.
If you selected multiple hosts, it asks whether you want to use the same credentials for all the hosts (default) or enter different credentials for each host.
In order to manage access to a host using Safeguard Authentication Services for Active Directory, you must join the host to an Active Directory domain. Joining a host to a domain creates a computer account for that host. Once you have deployed and installed the Safeguard Authentication Services Agent software on a host, use the Join to Active Directory command on the All Hosts view's Join menu to join the host to an Active Directory domain.
To join hosts to Active Directory
Note: The Join to Active Directory tool bar menu is enabled when you select hosts that have the Safeguard Authentication Services Agent installed and are not joined to Active Directory.
The tool bar button will not be active if:
Use the same domain you entered when you performed the Check for AD Readiness.
Leave this field blank to generate a name based on the host's DNS name.
See Optional Join Commands in the management console online help for a list of commands available.
The user account you enter must have elevated privileges in Active Directory with rights to create a computer account for the host.
Note: This task requires elevated credentials. The management console pre-populates this information.
The Task Progress pane on the All Hosts view displays a progress bar and the final status of the tasks, including any failures or advisories encountered.
Getting acquainted with the Control Center
Adding an Active Directory group account
Adding an Active Directory user account
Changing the default Unix attributes
Active Directory account administration
Use Safeguard Authentication Services PowerShell
Once you have successfully installed Safeguard Authentication Services, you will want to learn how to do some basic system administration tasks using the Control Center and Management Console for Unix.
Safeguard Authentication Services consists of plugins, extensions, security modules, and utilities spread across nearly every operating system imaginable. The Control Center pulls those parts together and provides a single place for you to find the information and resources you need.
Control Center installs on Windows and is a great starting place for new users to get comfortable with some of Safeguard Authentication Services' capabilities.
You can launch the Control Center from the Start menu or by double-clicking the desktop icon, or by double-clicking the Control Center application file from %SystemDrive% :\Program Files (x86)\Quest Software\Authentication Services.
Control Center pane | Description |
---|---|
Home |
The Welcome page provides information about how to use the Control Center tools and features. |
Management Console |
You can run the One Identity Management Console for Unix management console within the Control Center or you can run it separately in a supported web browser. The management console is a separate install on Windows, Unix, Linux, or macOS that you can launch from the ISO. Typically, you install one management console per environment to avoid redundancy. One Identity does not advise managing a Unix host by more than one management console in order to avoid redundancy and inconsistencies in stored information. If you manage the same Unix host by more than one management console, you should always re-profile that host to minimize inconsistencies that may occur between instances of the management consoles. |
Group Policy | The Control Center provides the ability to search on Active Directory Group Policy Objects that have Unix and macOS settings defined. Also provides links to edit these GPOs and run reports that show the detailed settings of the Group Policy Objects. |
Tools | The Control Center provides links to additional tools and resources available with Safeguard Authentication Services. A great starting place for anyone new to the product. |
Preferences |
The Control Center allows you to centrally manage the default values generated by the various Safeguard Authentication Services management tools, including the ADUC snap-in, the PowerShell cmdlets, and the Unix command-line tools. |
Log into remote host | The Control Center provides a simple SSH client (built on PuTTY) for remote access to Unix systems; simplifies new installs from having to find and install a separate PuTTY client. |
To run the Control Center, you must be logged in as a domain user. To make changes to global settings, you must have rights in Active Directory to create, delete, and modify objects in the Safeguard Authentication Services configuration area of Active Directory.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center