サポートと今すぐチャット
サポートとのチャット

One Identity Safeguard for Privileged Passwords 8.0 LTS - Administration Guide

Introduction System requirements Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Vaults Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Time Zone

Safeguard for Privileged Passwords sets a default time zone based on the location of the person performing the set up. The time zone is expressed as UTC + or – hours:minutes and is used for timed access (for example, access from 9 a.m. to 5 p.m.). It is recommended that the Bootstrap Administrator set the desired time zone on set-up. An Authorizer Administrator can also change the time zone.

To configure the time zone

  1. Navigate to User Management > Settings > Time Zone.
  2. The User Administrator can search for and select the desired time zone.
  3. The User Administrator can change Allow users to modify their own time zone.
    • Enable the setting to let users change their time zone (the default).
    • Disable the setting to prohibit a user from changing their time zone, possibly to ensure the user conforms with policy.

Backup and Retention

Use the Backup and Retention settings to manage your Safeguard for Privileged Passwords backups and archive servers.

It is the responsibility of the Appliance Administrator to configure the Safeguard for Privileged Passwords backup and retention settings.

Go to Backup and Retention:

  • web client: Navigate to Backup and Retention.
Table 18: Backup and Retention settings
Setting Description
Archive servers Where you add and manage archive servers for storing backup files and session recordings.

Audit Log Maintenance

Where you define the audit logs to be archived and purged as well as a schedule for performing the audit log archival task.

Backup and Restore Where you initiate or schedule a backup, upload or download a backup file, or specify the archive server where a backup file is to be stored.
Backup Retention Where you enable (or disable) backup retention and set the maximum number of backup files you want Safeguard for Privileged Passwords to store on the appliance.

Authorize VM Compatible Backups

Where you authorize the download of Safeguard for Privileged Passwords hardware appliance backups which can then be uploaded and restored to a Safeguard for Privileged Passwords virtual machine.

About backups

One Identity Safeguard for Privileged Passwords backs up the following:

  • All settings, except:

    • Appliance IP address
    • Network Time Protocol (NTP) configurations
    • Domain Name System (DNS) configuration
  • Audit logs

  • All information about Safeguard for Privileged Passwords objects:

    • Accounts
    • Account groups
    • Assets
    • Asset groups
    • Entitlements
    • Partitions
    • Users
    • User groups

Safeguard for Privileged Passwords encrypts and signs the data before it makes it available for downloading to an off-appliance storage. Only a genuine Safeguard for Privileged Passwords Appliance can decrypt the backup after it is uploaded to the appliance. Backups downloaded from virtual appliances can only be uploaded and restored to a virtual appliance. Backups downloaded from hardware appliances can only be uploaded and restored to a hardware appliance. A hardware backup can be downloaded as virtual compatible once the hardware appliance has been authorized for VM Compatible Backups. A VM compatible backup can be uploaded and restored to a virtual appliance.

Archive servers

Archive servers are external physical servers where you store backup files and session recordings. Use the Archive Servers page on the Backup and Retention settings view to configure and manage archive servers.

You can configure an automatic backup schedule and specify which archive server will be used to automatically archive during a scheduled backup or when manually running a backup. For more information, see Backup settings..

For more information, see Archive backup..

To view and manage archive servers

  1. Navigate to Archive Servers settings:
    • web client: Navigate to Backup and Retention > Archive Servers.
  2. The Archive Servers page displays the following information about previously configured archive servers.
    • Name: The name of the archive server.
    • Archive Method: The transfer protocol type being used.
    • Network Address: The network DNS name or IP address used to connect to the server over the network.
    • Storage Path: The file path where you want to store backup files on the archive server.
    • Authentication Type: The type of authentication used to access the archive server, such as Password, Directory Account, or SSH Key.
    • SSH Host Key Fingerprint: The fingerprint of the SSH key that Safeguard for Privileged Passwords uses to authenticate to the asset.
    • Description: Information about the archive server.
  3. Use these tool bars buttons to perform operations.
    • Add: Add an archive server. For more information, see Adding an archive server..
    • Remove: Delete the selected archive server configuration.
    • Edit: Modify the selected archive server configuration.
    • Refresh: Update the list of archive server configurations.
関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択