On the History tab, administrators can view or Export the details of each operation that has affected the selected use on the History tab (except for Asset Administrators).
To access History:
Table 220: Users: History tab properties
Date/Time |
The date and time of the event |
User |
The display name of the user that triggered the event |
Source IP |
The network DNS name or IP address of the managed system that triggered the event |
Object Name |
The name of the selected user. |
Event |
The type of operation made to the selected user:
- Create
- Delete
- Update
- Add Membership
- Remove Membership
NOTE: A membership operation indicates a "relationship" change with a related or parent object such as the selected user was added or removed from the membership of a user group or entitlement. |
Related Object |
The name of the related object. |
Related Object Type |
The type of the related object. |
Parent |
The name of the object to which the selected user is a child. |
Parent Object Type |
The parent object type. |
Use the controls and tabbed pages on the Users page to perform the following tasks to manage Safeguard for Privileged Passwords users:
It is the responsibility of either the Authorizer Administrator or the User Administrator to add Safeguard for Privileged Passwords users.
To add a user
- Navigate to User Management > Users.
- In Users, click Add from the toolbar.
-
In the New User dialog, provide information in each of the tabs:
On the Identity tab, choose an identity provider from the list of available providers. When adding a user from an external identity provider such as Microsoft Active Directory, Safeguard for Privileged Passwords imports read-only contact information from the source, however, you can change the user photo.
Use valid combinations of identity and authentication providers. For more information, see Identity and Authentication.
Table 221: User: Identity tab properties
Identity Provider |
The source of the user's identity. Safeguard for Privileged Passwords comes with a built-in identity provider called Local that will allow you to manually enter user information that is stored directly in Safeguard for Privileged Passwords. Or you can select an Active Directory or LDAP server that you have previously configured and then browse for a user. Safeguard for Privileged Passwords will periodically synchronize with the directory to keep the information up to date.
Indicate how the user's identity is managed by Safeguard for Privileged Passwords:
- Local
- Active Directory
- LDAP
- Starling
|
Browse
(Active Directory, Starling, or LDAP) |
If the identity provider is Active Directory, Starling, or LDAP, click the Browse button to choose a username. The remaining fields are auto-populated. |
Username
(Local provider) |
Enter the user's name that displays in the application. This is not the Login name which is set on the Authentication tab (add user). |
First Name
(Local provider) |
Enter the user's first name.
Limit: 30 characters; no double quotes. |
Last Name
(Local provider) |
Enter the user's last name.
Limit: 30 characters; no double quotes |
Work Phone
(Local provider) |
Enter the user's work telephone number.
Limit: 30 characters |
Mobile Phone
(Local provider) |
Enter the user's mobile telephone number.
Limit: 30 characters |
Email
(Local provider) |
Enter the user's email address.
Limit: 255 characters
NOTE: Required for approvers using the Cloud Assistant feature and OneLogin MFA as their authentication provider. In addition, OneLogin MFA requires the email address entered in this field be identical to the email address configured in OneLogin. |
Description
(Local provider) |
Enter information about this user.
Limit: 255 characters. |
Time Zone |
Select the user's time zone.
Because Microsoft Active Directory does not have a Time Zone attribute, when you add a directory group, the default time zone is set for all imported accounts to (UTC) Coordinated Universal Time. To reset the time zone, open each imported account in Users and modify the Time Zone on this Location tab. |