サポートと今すぐチャット
サポートとのチャット

One Identity Safeguard for Privileged Passwords 6.9 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Messaging settings (desktop client) Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Viewing SSH key archive

The Asset Administrator can access a previous SSH key for an account for a specific date.

The SSH Key Archive dialog only displays previously assigned SSH keys for the selected asset based on the date specified. This dialog does not display the current SSH key for the asset. The SSH key archive is never purged.

You view an account's SSH key validation and reset history on the Check and Change Log tab.

To access an account's previous SSH key

  1. Navigate to Administrative Tools | Accounts.
  2. In Accounts, right-click an account name and choose SSH Key Archive.

    Or, click SSH Key Archive from the toolbar.

  3. In the SSH Key Archive dialog, select a date. If you select today's date (or a previous date) and no entries are returned, this indicates that the asset is still using the current SSH key.

  4. In the View column, click to display the SSH key that was assigned to the asset at that given date and time.
  5. In the details dialog, click Copy to copy the SSH key to your copy buffer, or click OK to close the dialog.

Account Groups

A Safeguard for Privileged Passwords account group is a set of accounts which you can add to the scope of an access request policy. For more information, see Creating an access request policy.

The Auditor and the Security Policy Administrator have permission to access Account Groups.

The Account Groups view displays the following information about the selected account group.

Use these toolbar buttons to manage account groups.

General tab (account group)

The General tab lists information about the selected Account Group.

Large tiles at the top of the tab display the number of Accounts and Access Request Policies associated with the selected account group.

Table 32: Account Groups General tab: General properties
Property Description

Name

The selected account group's name

Account Rules

For dynamic account groups, a summary of the asset account rules defined

Description

Information about the selected account group

Related Topics

Modifying an account group

Accounts tab (account group)

The Accounts tab displays the accounts associated with the selected account group.

Click Add Account from the details toolbar to add one or more accounts to the selected account group.

Search: For more information, see Search box.

You can double-click an account name in the grid to see details for the account. For more information, see Accounts.

Table 33: Account Groups: Accounts tab properties
Property Description

Name

Name of the account belonging to the selected account group.

Parent

The asset to which the account belongs.

Domain

For directory accounts, the name of the domain the account is associated with.

Ignored

A check in this column indicates that the account is not managed.

Service Account

A check in this column indicates that the account is a service account.

Password Request

A check in this column indicates that password release requests are enabled for this account.

Session Request

A check in this column indicates that session access requests are enabled for this account.

SSH Key Request

A check in this column indicates that SSH key access requests are enabled for this account.

Password

A check in this column indicates that a password is set for the selected account. For more information, see Checking, changing, or setting an account password.

SSH Key

A check in this column indicates that an SSH key is set for the selected account. For more information, see Checking, changing, or setting an SSH key.

Description

Information about the account.

Use these buttons on the details toolbar.

Table 34: Account Groups: Access Request Policies tab toolbar
Option Description
Add Account

To add one or more accounts to the account group you selected.

Remove Selected

Remove the selected account.

Refresh Update the list of accounts.
Search

To locate a specific account in this list, enter the character string to be used to search for a match. For more information, see Search box.

Related Topics

Adding one or more accounts to an account group

Modifying an account group

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択