When logging into SPP the first time with a user that has OneLogin MFA enabled as secondary authentication, the first login attempt fails with the following error: ... A system error occurred and has been logged.
Sessions fail when using an account that is a member of the "Protected Users" AD Security Group. When attempting to connect, the following error is shown: ... "This computer can't connect to the remote computer.
No platform is defined with ID AzureADv182fe1a5c5c8b4420cacc7f563236618a4 ... WORKAROUND: ... For SPP versions below 7.5: Upgrade to latest feature release 7.5.x or latest LTS release 8.0 or above then perform steps below.
After comprehensive testing, an authentication bypass vulnerability in the RDP component of One Identity Safeguard for Privileged Sessions has been determined to have potential impact on Safeguard for Privileged Sessions on Demand as well.
STATUS: Enhancement Request # 456725 has been raised with our Product team for consideration of inclusion within a future release of One Identity Safeguard for Privileged Passwords.
When searching or filtering for a particular Account or Asset Discovery Rule, all other listed rules are removed or deleted and only the searched rule remains listed. ... Change Request # 462848 will fix this issue in a future release of SPP.
From Settings | Identity and Authentication, add a new External Federation. ... Enter name, description, and the realm (the realm should be the email or UPN suffix that users use to log on to Azure, such as yourdomain.com).
Enhancement Request to add Just in time function with Entra AD for SPP. STATUS: Enhancement Request # 462654 has been raised with our Product team for consideration of inclusion within a future release of One Identity Safeguard for Privileged Passwords.
Logs may show the error: ... The service account has been denied access by the target system. ... 1/ If using Authentication Type "Password" ensure that the username of the Service Account Name set on the "Connection" tab, has been added in unqualified format (e.g. just administrator).
How can I create a Custom Platform in Safeguard for Privileged Passwords? The ability to create Custom Platforms was added in Safeguard 2.4. ... These can be used in cases where the built-in platforms that are shipped with the product are not compatible with the assets you are looking to manage. Custom Platform supports SSH (from 2.4), TN3270 (from 2.7), Telnet (from 2.8) and HTTP (from 2.8). To utilize a Custom Platform, an Asset Administrator adds a Custom Platform.
Secure Gateway is a client that can be used to connect the Safeguard On Demand (Starling Edition) cloud environment appliances (Safeguard for Privileged Passwords and Safeguard for Privileged Sessions) to assets located within your company's private network.
When SPP is used with External Federation, the login text displayed to the user asks for an Email Address. ... This can be different depending on the External Federation configuration. If a value other than email address is used to log in, this can be misleading for the end users.
Browse to select a location to save the support bundle .zip file and click (or tap) Save. Method 2 - Serial Recovery Kiosk. NOTE: Prior to using the Support Bundle option on the recovery kiosk, set up a Windows share where the support bundle is to be sent.
NOTE: In order for a non domain administrator to manage Protected Accounts (i.e. users that are members of the Domain Admins, Administrators, and Enterprise Admins groups), the rights would need to be delegated over the AdminSDHolder object in AD, to the Safeguard service account.
Any IP address will suffice; it is only intended to make a 'change', then save. - You will see the button for Edit Settings changed to Updating..
NOTE: The certificate generated by the Certificate Authority (.CER file) ... is specific to the request file that was used to generate it. ... Select the certificate from above. Assign the certificate to Safeguard devices: Right click on the newly uploaded certificate and select "Assign Certificate to Appliances", tick the appliances you want to assign to and click OK.
For access requests on a replica and trying to use the advanced search, no results are shown when data is entered. WORKAROUND: none ... STATUS: This issue has been identified as Defect # 449050 and submitted for consideration for a fix in a future release of SPP (subject to QA and Product Management).
In the event that your Starling Subscription in Safeguard becomes 'out of sync' with the Starling Cloud Servers, one side may believe that the Join is valid, whereas the other side believes the Join no longer exists or is no longer valid.
How to add a user as a collaborator to an organization and promote to organization administrator. ... The currently registered admin would need to log in to the Starling Portal and select the subscription, for example: Safeguard on Demand -> Click on collaborators tab -> invite collaborator
Create a service account on the asset and assign it a password: ... Directory Configuration: ... If the Windows system is joined to a domain that will be managed in Safeguard for Privileged Passwords, you can use a directory account, such as a Microsoft Active Directory account, to manage the asset.
Directory Provider Delete Sync for Starling provider fails with the following error: An unexpected error occurred while synchronizing the directory. ... Reason: An error occurred while searching the Starling directory.
Are there any options to import personal passwords in bulk from a CSV file to the Personal Password Vault?
Notice that the cn value is the same as the sAMAccountName (that is, just the userid, and not the userid@somedomain.com.) Name attribute can be the same if there is a blank space in the account itself (when the account has First name and Last Name).
Currently, for SPP LTS or Feature, it is not possible to add contextual data details to a syslog event. STATUS: Enhancement Request # 441083 has been raised with our Product team for consideration of inclusion within a future release of One Identity Safeguard for Privileged Passwords.
Enhancement to add email recipients and schedule for Activity Reports. STATUS: Enhancement Request # 438101 has been raised with our Product team for consideration of inclusion within a future release of One Identity Safeguard for Privileged Passwords.