지금 지원 담당자와 채팅
지원 담당자와 채팅

One Identity Safeguard for Privileged Passwords 7.0 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Enable or Disable Services External Integration Real-Time Reports Safeguard Access
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings Reasons
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions About us

Properties tab (user)

The Properties tab lists information about the selected user.

To access Properties:

  • web client: Navigate to User Management | Users | (View Details) | Properties.

Table 204: Users Properties tab: Authentication properties
Property Description

Identity

 

Identity Provider

The source from which the user’s personal information comes from and is synchronized with.

Username A user's display name.

First Name

The user's first name.

Last Name

The user's last name.

Work Phone

The user's work telephone number.

Mobile Phone

The user's mobile telephone number.

Email The user's email address.

Description

The description text entered the user information was added or updated. This may be entered on the User dialog, Identity tab in the Description text box.

Location

User can change their time zone, by default. Or, the User Administrator can prohibit a user from changing the time zone, possibly to ensure adherence to policy. For more information, see Time Zone.

Authentication

 
Authentication Provider

How the user authenticates with Safeguard for Privileged Passwords:

  • Certificate: with a certificate
  • Local: with a user name and password
  • Directory name: with directory credentials

Login name

The identifier the user logs in with.

Domain Name

If the primary Authentication Provider is a directory, this indicates the directory's domain name.

Distinguished Name

The distinguished name for authentication.

Secondary Authentication

If you set up a user to require secondary authentication, this indicates the name of this user's secondary authentication service provider.

Secondary Authentication Username

The name of the user account on the secondary authentication service provider required at log in.

Password Never Expires

When enabled, this field indicates the password associated with the user does not expire.

User Must Change Password at Next Login

When enabled, this field indicates the user will be prompted to change their password the next time they login.

Permissions

 
Permissions

Lists the user's administrator permissions or "Standard User" if user does not have administrative permissions.

User Groups tab (user)

The User Groups tab displays the user groups in which the selected user is a member.

The User Groups tab is available to a user with Auditor or Security Policy Administrator permissions and to the User Administrator for directory users (not for local users).

To access User Groups:

  • web client: Navigate to User Management | Users | (View Details) | User Groups.

Use the following buttons on the details toolbar to manage the user groups associated with the selected user.

Table 205: Users: User Groups toolbar
Option Description

Add

Add the user to one or more user groups to the user. For more information, see Adding a user to user groups.

Remove

Remove the selected user group from the selected user.

Export

Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

Refresh

Retrieve and display an updated list of user groups associated with the selected user.

Search

To locate a specific user group in this list, enter the character string to be used to search for a match. For more information, see Search box.

Entitlements tab (user)

The Entitlements tab displays the entitlements in which the selected user is a member. The Entitlements tab is only available to a user with Auditor or Security Policy Administrator permissions.

To access Entitlements:

  • web client: Navigate to User Management | Users | (View Details) | Entitlements.
Table 206: Users: Entitlements tab properties
Property Description
Name

The name of the entitlements in which the selected user is assigned as a user.

Description

The description of the entitlement.

Policies The number of unique access request policies in the entitlement.
Accounts

The number of unique accounts in the selected entitlement.

Users The number of unique users in the entitlement.
User Groups

The names of the user groups that associate the selected user to the entitlement.

NOTE: If the selected user is associated with the entitlement explicitly and not through user group membership, then this column is blank and the Direct Member column is True.

Direct Member

Indicates True if the selected user was explicitly added to the entitlement as a user. For more information, see Adding users or user groups to an entitlement.

Use the following buttons on the details toolbar to manage the entitlements associated with the selected user.

Table 207: Users: Entitlements tab toolbar
Option Description

Add

Add the selected user as a user of one or more entitlements. For more information, see Adding a user to entitlements.

Remove

Remove the user from the selected entitlement.

Export

Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

Refresh

Update the list of entitlements.

Search

To locate a specific entitlement or set of entitlements in this list, enter the character string to be used to search for a match. For more information, see Search box.

History (user)

On the History tab, administrators can view or  Export the details of each operation that has affected the selected use on the History tab (except for Asset Administrators).

To access History:

  • web client: Navigate to User Management | Users | (View Details) | History.

    The top of the History tab contains the following information:

    • Date Range: By default, the history details are displayed for the last 24 hours. From the drop-down, select one of the time intervals to display history details for that time frame.

    • Export: Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

    • Refresh: Update the list displayed.

    • Search: For more information, see Search box.

Table 208: Users: History tab properties
Property Description
Date/Time The date and time of the event
User The display name of the user that triggered the event
Source IP The network DNS name or IP address of the managed system that triggered the event
Object Name The name of the selected user.
Event

The type of operation made to the selected user:

  • Create
  • Delete
  • Update
  • Add Membership
  • Remove Membership

NOTE: A membership operation indicates a "relationship" change with a related or parent object such as the selected user was added or removed from the membership of a user group or entitlement.

Related Object The name of the related object.
Related Object Type The type of the related object.
Parent The name of the object to which the selected user is a child.
Parent Object Type The parent object type.
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택