지금 지원 담당자와 채팅
지원 담당자와 채팅

One Identity Safeguard for Privileged Passwords 6.13.1 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Activity Center Search box Privileged access requests Toolbox Accounts Account Groups Assets
General/Properties tab (asset) Accounts tab (asset) Account Dependencies tab (asset) Owners tab (asset) Access Request Policies tab (asset) Asset Groups tab (asset) Discovered SSH Keys (asset) Discovered Services tab (asset) History tab (asset) Managing assets
Asset Groups Discovery Entitlements Linked Accounts Partitions Profiles Settings
Access Request settings Appliance settings Asset Management settings Tags Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings Security Policy Settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Adding an Asset Discovery job

You can add a new Asset Discovery job.

General tab (asset discovery)

Navigate to:

  • desktop client: Navigate to Administrative Tools | Discovery | Asset Discovery | (add or edit a Asset Discovery job).
  • web client: Asset Management | Discovery | Assets | (add or edit a Asset Discovery job).

On the General tab, supply general information about the Asset Discovery job and identify the partition where you want Safeguard for Privileged Passwords to add the assets it discovers.

Table 97: Discovery: General properties
Property Description
Name

Enter a name for the Asset Discovery job.

Limit: 50 characters

Description

Enter information about this Asset Discovery job.

Limit: 255 characters

Partition

Use Browse to select the partition in which to manage the discovered assets. You can also add a new partition from the Partitions dialog (accessed via the Browse button) by clicking Create New.

IMPORTANT: You cannot change the partition after you save this discovery job.

( desktop client only) Method

Choose a type of discovery:

  • Directory
  • Network Scan

If you select Directory, directory assets that are shared can be discovered into any partition. Directories include Active Directory or LDAP. See Directories that can be searched in Supported platforms.

To share a directory asset, select Available for discovery across all partitions for the asset; see Management tab (add asset desktop client). If the check box is not selected, the asset is not shared and the asset will only be discovered into the partitions to which the directory asset is assigned.

In the web client, this setting is available on the Information tab (asset discovery)

Information tab (asset discovery)

Navigate to:

  • desktop client: Navigate to Administrative Tools | Discovery | Asset Discovery | (add or edit a Asset Discovery job).
  • web client: Asset Management | Discovery | Assets | (add or edit a Asset Discovery job).

On the Information tab, define the directory or network information for the discovery job.

Table 98: ( web client) Discovery Type
Property Description
Discovery Type

Choose a type of discovery:

  • Directory
  • Network

If you select Directory, directory assets that are shared can be discovered into any partition. Directories include Active Directory or LDAP. See Directories that can be searched in Supported platforms.

To share a directory asset, select Available for discovery across all partitions for the asset; see Management tab (add asset desktop client). If the check box is not selected, the asset is not shared and the asset will only be discovered into the partitions to which the directory asset is assigned.

In the desktop client, this setting is available on the General tab (asset discovery).

Table 99: Discovery: Information properties for Directory scans
Property Description
Directory

Select the Directory on which to run the Asset Discovery job.

Table 100: ( desktop client) Discovery: Information properties for Network scans
Property Description
Enable OS Detection

This check box is selected by default, indicating that OS fingerprinting is to be used to detect the operation system being used. Clear this check box if you do not want to use the OS fingerprinting process.

IPv4 Range

(IPv6 scans are not supported.)

Enter a range of IPv4 addresses to scan:

  • Starting IP Address
  • Ending IP Address

Click  Add or  Delete to add or remove IPv4 address range sets.

Advanced  
Exclude IP

Safeguard for Privileged Passwords allows you to exclude an IP address within a specified IPv4 range from the scan.

Click  Add to exclude an IP address from the scan.

Click  Delete to remove the corresponding excluded IPv4 address and include that IP address in the scan.

Table 101: ( web client) Discovery: Information properties for Network scans
Property Description
Enable OS Detection

This check box is selected by default, indicating that OS fingerprinting is to be used to detect the operation system being used. Clear this check box if you do not want to use the OS fingerprinting process.

Starting IP Address

Enter a starting IPv4 address. All IPv4 addresses between this IPv4 address and the IPv4 address entered in the Ending IP Address field will be included in the discovery.

NOTE: IPv6 scans are not supported.

Ending IP Address

Enter an ending IPv4 address. All IPv4 addresses between this IPv4 address and the IPv4 address entered in the Starting IP Address field will be included in the discovery.

NOTE: IPv6 scans are not supported.

Exclude IP

Safeguard for Privileged Passwords allows you to exclude an IP address within a specified IPv4 range from the scan.

Click  Add to exclude an IP address from the scan.

Click  Delete to remove the corresponding excluded IPv4 address and include that IP address in the scan.

Rules/Asset Discovery Rules tab (asset discovery)

Navigate to:

  • desktop client: Navigate to Administrative Tools | Discovery | Asset Discovery | (add or edit a Asset Discovery job).
  • web client: Asset Management | Discovery | Assets | (add or edit a Asset Discovery job).

Use the Rules/Asset Discovery Rules tab to govern the discovered assets.

Discovery details
  • Once Safeguard for Privileged Passwords creates an asset, it will not attempt to re-create it or modify the asset if the asset is rediscovered by a different job.
  • Any SSH host keys encountered in discovery will be automatically accepted.
  • You can configure multiple rules for an Asset Discovery job. When Safeguard for Privileged Passwords runs the Asset Discovery job, if it finds an asset with more than one rule, it applies the connection and profile settings of the first rule that discovers the asset.
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택