Tchater maintenant avec le support
Tchattez avec un ingénieur du support

One Identity Safeguard for Privileged Passwords 8.0 LTS - Administration Guide

Introduction System requirements Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Vaults Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Enabling email notifications

For users to receive email notifications, there are a few things you must configure properly.

To enable email notifications

  1. Users must set up their email address correctly.
    1. Local users:
      1. The Authorizer Administrator or User Administrator sets this up in the user's Contact Information. For more information, see Adding a user..

        -OR-

      2. Users set this up in their My Account settings.
    2. Directory users must have their email set in the Active Directory or LDAP domain.
  2. The Appliance Administrator must configure the SMTP server. For more information, see Email..

TIP: You can setup email subscriptions to any email event type through the API: https://<Appliance IP>/service/core/swagger/ui/index#/EventSubscribers. For more information, see Using the API..

Email Events

The Email Events page is used for adding and managing the subscribers that receive emails for specific Safeguard for Privileged Passwords events.

Go to Email Events:

  • web client: Navigate to External Integration > Email Events.

The Email Events pane displays the following about the subscribers defined.

Table 46: Email Events: Properties
Property Description

Subscriber

The name of the email event recipient.

Description The description of the email event.

Shared

This column displays a check mark if all Appliance Administrators will see information on the email event subscription on their Email Events page.

# of Events The number of events sent in the email.

Use these toolbar buttons to manage the email event subscribers

Table 47: Email Event: Toolbar
Option Description
Add Add a new email event subscriber. For more information, see Add an email event.
Remove

Remove the selected email event from Safeguard for Privileged Passwords.

Edit Modify the email event.
Copy Clone the selected email event.

Show System Owned/

Hide System Owned

Use these buttons to either display or hide system owned email events from list.

Refresh Update the list of email events.

Send Test Event

  • To send a test message.
  • Add an email event

    It is the responsibility of the Appliance Administrator to add an event.

    To add an email event

    1. Navigate to External Integration > Email Event.
    2. Click Add to display the Email Events Subscription dialog.
    3. In the Email Events Subscription dialog, enter the following:

      1. Email Address: Enter the email address of the recipient or use the Browse button.

      2. Description: Enter the description of the event.
      3. Subscribe to All Events: Select this check box to subscribe to all events, including new events that may be added in the future. If unselected, select specific events.

        Make sure that the user creating the event has sufficient permission to receive all of the events configured. If the event is configured by a user with inadequate permissions to receive all the events that are configured, some events may not be received. If this happens, delete the email event and recreate it as a user that has sufficient permission.

      4. If you left Subscribe to All Events unselected, click Browse then select the check boxes of the Events to which you want to subscribe You can enter characters then click Search to limit the events that are displayed. Click OK.

    4. Click OK.

    Email Templates

    Safeguard for Privileged Passwords provides default email templates for most events, such as Cluster Primary Quorum Fails or Access Request Denied. Each event type triggers an email notification that uses the template.

    Go to Email Templates:

    • web client: Navigate to External Integration > Email Templates.

    Use these toolbar buttons to manage email templates.

    Table 48: Email template: Toolbar
    Property Description

    Reset

    Reset the selected template to the default.

    Edit

    Modify the selected email template.

    Refresh

    Update the list of email templates.

    Search

    To locate a specific template, enter the character string to be used to search for a match. For more information, see Search box..

    Macro properties

    Each event type supports specific macros in the template that are appropriate for that type of event. When editing a template, you can click Insert Event Property to select properties to insert into the text of the Subject line or Body using keywords surrounded by double braces. For example, you may select the following event properties in the Subject of your email:

    Access Policy Created {{EventDescription}} {{PolicyId}}

    Safeguard for Privileged Passwords ignores macros that are not supported by the event type. Unsupported macros appear blank in the email preview. Additionally, a warning message like the following may displays: Invalid format for BodyTemplate property.

    To edit an email template

    Modify an email template to change any information except the Event type. If you later want to revert to the original template, you can select the template then click Reset . To modify an email template, use the following steps.

    1. Go to Email Templates:
      • web client: Navigate to External Integration > Email Templates.
    2. In the Email Template grid, select the template to modify and click. Edit.
      1. Event: For more information, see Enabling email notifications..

      2. Subject: Edit the subject line for the email message.

        As you type, click  Insert Event Property Macro to insert predefined text into the subject line. For example, you may create the following subject line:

        Approval is required for {{Requester}}'s request

        where Safeguard for Privileged Passwords generates the data defined by the macro within the double braces.

        Limit: 1024 characters

      3. Reply to: Enter the email address of the person to reply to concerning this notification.

        Limit: 512 characters

      4. Body: Enter the body of the message.

        As you type, click  Insert Event Property Macro to insert predefined text into the body. For example, you may create the following body for an email template:

        {{Requester}} has requested the password for {{AccountName}} on {{AssetName}}

        where Safeguard for Privileged Passwords generates the data defined by the macro within the double braces.

        Limit: 16384 characters

      5. Preview Email: Select this link to display the Preview Email dialog so you can see how your email message will look.
      6. Click OK. The updated template is added to the Email Template grid.
    3. If you want to return to the default, select the email template then click Reset.
    Documents connexes

    The document was helpful.

    Sélectionner une évaluation

    I easily found the information I needed.

    Sélectionner une évaluation