|
CAUTION: Make sure you save a copy of the original Safeguard for Privileged Passwords CSV files before making edits to the files or uploading them to Access Certification. This is in case an edit to a CSV file leads to an unintended recommended change within Safeguard for Privileged Passwords. The unedited file can be compared to a newer version in order to identify where the data was changed and if it needs to be corrected. |
In order to run a campaign in Access Certification, the data that will be analyzed must first be uploaded. This is done via the Data Imports page which is accessed by selecting Data in the navigation bar.
The Safeguard for Privileged Passwords data that is used by Access Certification fits the following structure:
Figure 1: Structure of CSV data
|
CAUTION: Make sure you save a copy of the original Safeguard for Privileged Passwords CSV files before making edits to the files or uploading them to Access Certification. This is in case an edit to a CSV file leads to an unintended recommended change within Safeguard for Privileged Passwords. The unedited file can be compared to a newer version in order to identify where the data was changed and if it needs to be corrected. |
The Data Imports page is displayed by clicking Data in the navigation bar. The Data Imports page is used for uploading data to Access Certification in order to run a campaign.
The following appears on this page:
When uploading identity data from Safeguard for Privileged Passwords, the information is coming from the local identity provider (Active Directory) for which Safeguard for Privileged Passwords is the authority and corresponds with the users that have access to Safeguard for Privileged Passwords. It does not include data for disabled Safeguard for Privileged Passwords users, but it does include both Local and Certificate accounts. For information on the specific fields within the CSV file, see Identity data.
Clicking the Upload Identity Data button on this tile opens a dialog from which you can select the CSV file associated with the identity data you want uploaded in to Access Certification. Once a new file has been successfully uploaded, the tile will update to display the total number of uploaded identities and the date they were last updated.
When uploading account data from Safeguard for Privileged Passwords, the information is coming from the local identity provider (Active Directory) for which Safeguard for Privileged Passwords is the authority. It does not include data for disabled Safeguard for Privileged Passwords users. For information on the specific fields within the CSV file, see Account data.
Clicking the Upload Account Data button on this tile opens a dialog from which you can select the CSV file associated with the account data you want uploaded in to Access Certification. Once a new file has been successfully uploaded, the tile will update to display the total number of uploaded accounts and the date they were last updated.
The group data being used is that which corresponds with the groupings of Safeguard for Privileged Passwords users for the purpose of assigning entitlements. Because the data is specific to Safeguard for Privileged Passwords and how it manages users, the information might not be mapped to external identity providers. For information on the specific fields within the CSV file, see Group data.
Clicking the Upload Group Data button on this tile opens a dialog from which you can select the CSV file associated with the group data you want uploaded in to Access Certification. Once a new file has been successfully uploaded, the tile will update to display the total number of uploaded groups and the date they were last updated.
Entitlements are groupings of Safeguard for Privileged Passwords access policies and require that the Accounts and Groups data must first be gathered. This is because both accounts (users within Safeguard for Privileged Passwords) and groups can be added to entitlements. Each entitlement may contain zero or more access policies. However, an individual access policy may only be part of one entitlement. The reason for this is so that changing one access policy does not unintentionally modify a separate entitlement that the administrator may not realize is related. For information on the specific fields within the CSV file, see Entitlement data.
Clicking the Upload Entitlement Data button on this tile opens a dialog from which you can select the CSV file associated with the entitlement data you want uploaded in to Access Certification. Once a new file has been successfully uploaded, the tile will update to display the total number of uploaded entitlements and the date they were last updated.
Once you have generated CSV files for each of these data types (Generating CSV files from Safeguard for Privileged Passwords), you can begin uploading the files using this page (Uploading data).
|
CAUTION: Make sure you save a copy of the original Safeguard for Privileged Passwords CSV files before making edits to the files or uploading them to Access Certification. This is in case an edit to a CSV file leads to an unintended recommended change within Safeguard for Privileged Passwords. The unedited file can be compared to a newer version in order to identify where the data was changed and if it needs to be corrected. |
When uploading identity data from Safeguard for Privileged Passwords, the information is coming from the local identity provider (Active Directory for which Safeguard for Privileged Passwords is the authority and corresponds with the users that have access to Safeguard for Privileged Passwords. It does not include data for disabled Safeguard for Privileged Passwords users, but it does include both Local and Certificate accounts.
The following are descriptions of the fields within the identities CSV file:
|
NOTE: If any additional columns are included in the identities CSV file , they will be created as identity attributes in the graph. |
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center