Tchater maintenant avec le support
Tchattez avec un ingénieur du support

One Identity Safeguard for Privileged Passwords 8.0 LTS - Administration Guide

Introduction System requirements Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Vaults Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Owners tab (account)

The Owners tab displays information about the owners associated with the account (and its associated assets). For more information on altering the owners assigned via tags, see Modifying an asset or asset account tag.

To access Owners:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Owners.

The Owners tab has three views: Account Owners, Asset Owners, and Partition Owners.

Table 75: Accounts: Owners tab properties
Property Description

Account Owners

Type

The type of owner.

Name

The name of the owner.

Provider

The name of the authentication provider.

Direct

This column indicates the ownership of the object was assigned directly rather than through the use of a tag.

Via Tag

This column indicates the ownership of the object was assigned through the use of a tag.

Asset Owners

Type

The type of owner.

Name

The name of the owner.

Provider

The name of the authentication provider.

Direct

This column indicates the ownership of the object was assigned directly rather than through the use of a tag.

Via Tag

This column indicates the ownership of the object was assigned through the use of a tag.

Partition Owners

Type

The type of user or group.

Name

The name of the user or group.

Provider

The name of the authentication provider.

Use the following buttons on the details toolbar to manage the objects owned by the selected account.

Table 76: Accounts: Owners toolbar
Option Description

Add

Add one or more users or user groups to the selected account. For more information, see Adding users or user groups to an account.

Remove

Remove the selected object from being a manager of the selected account. You can only remove objects directly assigned to an account (as opposed to those assigned via the use of a tag).

Export

Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

Refresh

Update the list of owners/managers.

Search

To locate a specific object in this list, enter the character string to be used to search for a match. For more information, see Search box..

Dependent Assets (account)

The Dependent Assets tab only displays for a directory account and displays the assets that have dependency on the selected directory account. Adding account dependencies.

To access Dependent Assets, in the web client, navigate to Asset Management > Accounts > View Details > Dependent Assets.

Table 77: Accounts: Dependent Assets tab properties

Property

Description

Name

The Windows asset name.

Network Address

The network DNS name or IP address of the managed system.

Platform

The platform of the selected managed system.

Asset Partition

The partition where the Windows asset is assigned.

Use these buttons on the details toolbar to manage the dependent assets.

Table 78: Accounts: Dependent Assets tab toolbar

Option

Description

Refresh

Update the list of dependent assets assigned to the selected account.

Search

To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see For more information, see Search box..

Access Request Policies (account)

The Access Request Policies tab displays the entitlements and access request policies, including password and SSH key release policies and session request policies, associated with the selected account. This information is available to users that have both Asset Administrator and Policy Administrator permissions.

To access Access Request Policies, in the web client, navigate to Asset Management > Accounts > View Details > Access Request Policies.

Table 79: Accounts: Access Request Policies tab properties

Property

Description

Entitlement

The name of the access request policy's entitlement.

Access Request Policy

The name of the access request policy that governs the selected account.

Accounts

The number of unique accounts in the account groups that are associated with the access request policy.

# Account Groups

The number of unique account groups in the access request policy.

Account Groups

The names of the account groups that associate the selected account with the policy.

Assets

The number of unique assets in the asset groups that are associated with the access request policy.

# Asset Groups

The number of unique assets groups in the access request policy.

Asset Groups

The names of the asset groups that associate the selected account with the policy.

Use these buttons on the details toolbar to manage the dependent assets.

Table 80: Accounts: Access Request Policies tab toolbar

Option

Description

Add to Policy

Add the selected account to the scope of an access request policy.

Remove Selected

Remove the selected policy.

Refresh

Update the list of dependent assets assigned to the selected account.

Search

To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see Search box..

Check and Change Log tab (account)

The Check and Change Log tab displays the password and SSH key validation and reset history for the selected account.

By default, the check and change log entries displayed are for the last 24 hours. On the web client, use the Date Range drop-down to select a time frame to display and use Export to export the listed data as either a JSON or CSV file (for more information, see Exporting data). If the display does not refresh after selecting a different time interval, click the Refresh.

To access Check and Change Log:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Check and Change Log.

Table 81: Accounts: Check and Change Log tab properties
Property Description

User

The display name of the user that triggered the event.

Status

The status of the transaction:

  • Failure

  • Success

  • Queued

Reason

A system message pertaining to the password and SSH key validation and reset activity, such as the password matches the asset, was changed successfully, or does not match the asset.

Type

The type of transaction:

  • Check Password

  • Change Password

  • Check SSH Key

  • Change SSH Key

NOTE: Check and Change Log only displays events that the appliance performs; that is, it only displays check and change transactions. It does not display Set Password or Set SSH Key transactions. See:

Date/Time

The date of the transaction. The timestamps for transactions are based on the user's local time.

Duration

The amount of time the transaction took to complete.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation