Sign In Request

Continue

Support Forms Under Maintenance

Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.

Continue
Chat now with support
Chat with Support

  • Get Live Help

  • Complete Registration

    Sign In

    Request Pricing

    Contact Sales

Please select your product:

You have selected a product bundle. Can you please select the individual product for us to better serve your request.*

There is not a technical support engineer currently available to respond to your chat. For prompt service please submit a case using our case form.

To serve you better, please complete the Purpose of your Chat:
2000 characters remaining

Recommended Solutions for Your Problem

The following articles may solve your issue based on your description.

No Results Found
Close Start Chat
image.logo.print
image.logo
  • Products
    • View all Products
    • Free Trials
  • Solutions
    • All Solutions
    • All Integrations
  • Resources
    • Blogs
      • Blogs A to Z
      • AD-Centered IAM
      • Cloud
      • Identity Governance & Administration
      • Privileged Access Management
      • syslog-ng Community
    • Customer Stories
    • Documents
    • Events
    • Webcasts
    • Technical Documentation
    • Videos
    • White Papers
  • Trials
  • Services
    • Professional Services
    • One Identity University
    • Support Services
  • Support
    • Support Home
    • By Product
      • All Products
      • Active Roles
      • Defender
      • Identity Manager
      • Identity Manager On Demand
      • Identity Manager On Demand - Starling Edition
      • One Identity Safeguard for Privileged Sessions (Balabit)
      • One Identity Safeguard for Privileged Passwords
      • Password Manager On Demand
      • Password Manager
      • Safeguard Privilege Manager for Windows
      • Safeguard Authentication Services
      • Safeguard for Privileged Passwords On Demand
      • Starling Connect
      • Safeguard for Privileged Sessions On Demand
      • Safeguard Remote Access
      • syslog-ng Premium Edition
      • syslog-ng Store Box
      • TPAM
      • OneLogin
    • Contact Support
      • Contact Us
      • Customer Service
      • Licensing Assistance
      • Renewals Assistance
      • Technical Support
    • Download Software
    • Knowledge Base
    • My Account
      • My Products
      • My Service Requests
      • My Licenses
      • My Groups
      • My Profile
    • Policies & Procedures
    • Professional Services
    • Technical Documentation
    • One Identity University
    • User Forums
    • Video Tutorials
  • Partners
    • Overview
    • Partner Circle Log In
    • Become a Partner
    • Find a Partner
  • Communities
    • Home
    • Blogs
      • Blogs A to Z
      • AD-Centered IAM
      • Cloud
      • Identity Governance & Administration
      • Privileged Access Management
    • Forums
      • All Product Forums
      • Active Roles
      • Identity Manager
      • Password Manager
      • Safeguard
      • Unix Access Management
    • Social
      • Facebook
      • Google+
      • LinkedIn
      • Twitter@OneIdentity
      • Youtube
Sign In

NOTICE! We are upgrading our support telephone services, implementing Genesys, starting the week of May 19, 2025

  • Print
  • My Downloads ()
  • Support
  • Technical Documentation
  • One Identity Safeguard for Privileged Passwords 6.0 LTS
  • One Identity Safeguard for Privileged Passwords 6.0 LTS - Administration Guide

One Identity Safeguard for Privileged Passwords 6.0 LTS - Administration Guide

Table of Contents  
Introduction
Introduction to One Identity Safeguard for Privileged Passwords
Overview of the entities Key features What's new in version 6.0 LTS
Appliance specifications
System requirements
Desktop client system requirements Web client system requirements Web management console system requirements Supported platforms Product licensing Long Term Support (LTS) and Feature Releases
Using the virtual appliance and web management console
Setting up the virtual appliance Virtual appliance backup and recovery Support Kiosk
Cloud deployment considerations
AWS deployment Azure deployment Virtual appliance backup and recovery
Setting up Safeguard for Privileged Passwords for the first time
Step 1: Create the Authorizer Administrator Step 2: Authorizer Administrator creates administrators Step 3: Appliance Administrator configures the appliance Step 4: User Administrator adds users Step 5: Asset Administrator adds managed systems Step 6: Security Policy Administrator adds access request policies
Search box
Search by attribute Select a drop-down to sort
Using the web client
My Requests (web client) Approvals (web client) Reviews (web client) Favorites (web client) Settings, version, and Windows desktop client (web client) Change password (web client) FIDO2 keys (web client) Log out (web client)
Installing the desktop client
Installing the desktop client Starting the desktop client Uninstalling the desktop client
Using the desktop client
Settings (desktop client) User information and log out Desktop client favorite request Desktop client navigation pane
Home Dashboard
Access Requests
Viewing details
Account Automation
Activity Center
Applying search criteria Saving search criteria Generating an activity audit log report Scheduling an activity audit log report Editing or deleting a saved search or scheduled report Viewing event details Auditing request workflow Filtering report results Sorting report results
Reports
Running an entitlement report Converting time stamps
Administrative Tools
Toolbar options
Privileged access requests
Configuring alerts
Toast notifications Email notifications
Password release request workflow
Requesting a password release
Taking action on a password release request
Approving a password release request Reviewing a completed password release request
Session request workflow
About sessions and recordings Requesting session access
Taking action on a session request
Approving a session request Launching the SSH client Launching an RDP session Reviewing a session request Replaying a session Following and terminating a "live" session
Toolbox
Viewing task status Stopping a task
Accounts
General tab (account) Access Request Policies tab (account) Account Groups tab (account) Dependent Assets (account) Check and Change Log tab (account) History tab (account) Managing accounts
Adding an account Adding a cloud platform account Manually adding a tag to an account Adding an account to one or more account groups Modifying an account Deleting an account Importing objects
Creating an import file
Checking, changing, or setting an account password Viewing password archive
Account Groups
General tab (account group) Accounts tab (account group) Access Request Policies tab (account group) History tab (account group) Managing account groups
Adding an account group Adding a dynamic account group
General tab (add dynamic account group) Account Rules tab (add dynamic account group) Summary tab (add dynamic account group)
Adding one or more accounts to an account group Adding accounts to an access request policy Modifying an account group Deleting an account group
Assets
General tab (asset) Accounts tab (asset) Account Dependencies tab (asset) Access Request Policies tab (asset) Asset Groups tab (asset) Discovered Services tab (asset) History tab (asset) Managing assets
Adding an asset
General tab (add asset) Management tab (add asset) Account Discovery tab (add asset) Connection tab (add asset)
About service accounts About Test Connection SSH Key
Importing an SSH key
Directory Account Local System Account Password (local service account) Access Key None
Attributes tab (add asset)
Checking an asset's connectivity Assigning an asset to a partition Assigning a profile to an asset Manually adding a tag to an asset Adding an account to an asset Adding account dependencies Adding an asset to asset groups Modifying an asset Deleting an asset Importing objects Downloading a public SSH key
Asset Groups
General tab (asset group) Assets tab (asset group) Access Request Policies tab (asset group) History tab (asset group) Managing asset groups
Adding an asset group Adding a dynamic asset group
General tab (add dynamic asset group) Asset Rules tab (add dynamic asset group) Summary tab (add dynamic asset group)
Adding assets to an asset group Modifying an asset group Deleting an asset group
Discovery
Asset Discovery
Asset Discovery job workflow Adding an Asset Discovery job
General tab (asset discovery) Information tab (asset discovery) Rules tab (asset discovery)
Add Condition (asset discovery) Edit Connection Template (asset discovery) Add Asset Profile (asset discovery)
Schedule tab (asset discovery) Summary tab (asset discovery)
Editing an Asset Discovery job Deleting an Asset Discovery job
Asset Discovery Results Account Discovery
Account Discovery job workflow Adding an Account Discovery job
Adding an Account Discovery rule
Editing an Account Discovery job Deleting an Account Discovery job
Account Discovery Results Discovered Accounts Service Discovery Results Discovered Services
Entitlements
General tab Users tab Access Request Policies tab History tab Managing entitlements
Adding an entitlement
General tab
About priority precedence
Time Restrictions tab
About time restrictions
Creating an access request policy
General tab Scope tab Requester tab Approver tab Reviewer tab Access Config tab Session Settings tab Time Restrictions tab Emergency tab
Adding users or user groups to an entitlement Deleting an access request policy Modifying an access request policy Copying an access request policy Viewing and editing policy details Modifying an entitlement Deleting an entitlement
Partitions
About partition profiles General tab (partitions) Assets tab (partitions) Accounts tab (partitions) Profiles tab (partitions) History tab (partitions) Managing partitions
Adding a partition Adding assets to a partition Removing assets from a partition Creating a profile Modifying a profile Setting a default partition Setting a default partition profile Assigning assets or accounts to a profile Modify a partition Delete a partition
Settings
Access Request settings
Enable or Disable Services Reasons
Appliance settings
Appliance Diagnostics Appliance Information
Setting the appliance name Shutting down the appliance Restarting the appliance
Enable or Disable Services Factory Reset from the desktop client Licensing Lights Out Management (BMC) Network Diagnostics
Ping NS Lookup Trace Route Telnet Show Routes
Networking Operating system licensing Support Bundle Time Updates
Asset Management settings
Custom platforms
Creating a custom platform script Adding a custom platform
Tags
Adding a tag for dynamic tagging of assets or asset accounts Deleting an asset or asset account tag Modifying an asset or asset account tag Copying an asset or asset account tag to another partition Viewing asset and asset account tag assignments
Backup and Retention settings
About backups Archive servers
Adding an archive server
Audit Log Management Backup and restore
Run Now Backup settings Download Upload Restore Archive backup
Backup retention
Certificate settings
About certificates Audit Log Signing Certificate
Installing an audit log signing certificate Creating a Certificate Signing Request for audit logs
Certificate Signing Request SSL Certificates
Installing an SSL certificate Creating a Certificate Signing Request (CSR) Assigning a certificate to appliances
Trusted Certificates
Adding a trusted certificate Removing a trusted certificate
Cluster settings
Cluster Management
Cluster view pane Appliance details and cluster health pane
Managed networks
Adding a managed network Deleting a managed network Resolving IP address
Offline Workflow (automatic)
Enable automatic Offline Workflow Manually override automatic Offline Workflow
Session Appliances with SPS join
External Integration settings
Application to Application
About Application to Application functionality Setting up Application to Application Adding an application registration Deleting an application registration Regenerating an API key Making a request using the Application to Application service
Approval Anywhere
Adding authorized user for Approval Anywhere
Email
Enabling email notifications Modifying an email template
Identity and Authentication
Authentication provider combinations Adding identity and authentication providers
SNMP
Configuring SNMP subscriptions Verifying SNMP configuration
Starling
Join Starling
Syslog
Configuring a syslog server Verifying syslog server configuration
Ticketing system
Messaging settings
Login Notification Message of the Day
Profile settings
Account Password Rules
Adding an account password rule
Change Password
Adding change password settings
Check Password
Adding check password settings
Password sync groups
Adding a password sync group Modifying a password sync group
Safeguard Access settings
Login Control Password Rule
Modifying user password requirements
Time Zone
Users
General tab (user) User Groups tab (user) Partitions tab (user) Entitlements tab (user) Linked Accounts tab (user) History (user) Managing users
Adding a user
Identity tab (add user) Authentication tab (add user) Location tab (add user) Permissions tab (add user)
Requiring secondary authentication log in
Configuring user for Starling Two-Factor Authentication when logging in to Safeguard
Adding a user to user groups Assigning a user to partitions Adding a user to entitlements Linking a directory account to a user Modifying a user Enabling or disabling a user Deleting a user Importing objects Setting a local user's password Unlocking a user's account
User Groups
General tab (user groups) Users tab (user groups) Entitlements tab (user groups) History tab (user groups) Managing user groups
Adding a user group Adding a directory user group Adding users to a user group Adding a user group to an entitlement Modifying a user group Deleting a user group
Disaster recovery and clusters
Enrolling replicas into a cluster Unjoining replicas from a cluster Maintaining and diagnosing cluster members
About Offline Workflow Mode
Manually control Offline Workflow Mode
Failing over to a replica by promoting it to be the new primary Activating a read-only appliance Diagnosing a cluster member Patching cluster members
About cluster patching
Using a backup to restore a clustered appliance Resetting a cluster that has lost consensus Performing a factory reset Unlocking a locked cluster
Troubleshooting tips
Appliance states
Administrator permissions
Appliance Administrator permissions Asset Administrator permissions Auditor permissions Authorizer Administrator permissions Help Desk Administrator permissions Operations Administrator permissions Security Policy Administrator permissions User Administrator permissions
Preparing systems for management
Preparing ACF - Mainframe systems Preparing Amazon Web Services platforms Preparing Cisco devices Preparing Dell iDRAC devices Preparing VMware ESXi hosts Preparing Fortinet FortiOS devices Preparing F5 Big-IP devices Preparing HP iLO servers Preparing HP iLO MP (Management Processors) Preparing IBM i (AS/400) systems Preparing JunOS Juniper Networks systems Preparing MongoDB Preparing MySQL servers Preparing Oracle databases Preparing PAN-OS (Palo Alto) networks Preparing PostgreSQL Preparing RACF mainframe systems Preparing SAP HANA Preparing SAP Netweaver Application Servers Preparing Sybase (Adaptive Server Enterprise) servers Preparing SonicOS devices Preparing SonicWALL SMA or CMS appliances Preparing SQL Servers Preparing Top Secret mainframe systems Preparing Unix-based systems Preparing Windows systems
Minimum required permissions for Windows assets
Preparing Windows SSH systems
Troubleshooting
Anti-CSRF (cross-site request forgery) token error Connectivity failures
Change password fails Incorrect authentication credentials Missing or incorrect SSH host key No cipher supported error Service account has insufficient privileges
Cannot connect to remote machine through SSH or RDP Cannot delete account Cannot play session message Domain user denied access to Safeguard for Privileged Passwords LCD status messages
Appliance LCD and controls
My Mac keychain password was lost Password fails for Unix host Password is pending review Password is pending a reset Profile did not run Recovery Kiosk (Serial Kiosk)
Appliance information (Recovery Kiosk) Power options
Rebooting the appliance Shutting down the appliance
Admin password reset Factory reset from the Recovery Kiosk Support bundle
Replica not adding System services did not update or restart after password change Test Connection failures
Test Connection failures on archive server Certificate issue Cipher support Domain controller issue Networking issue Windows WMI connection failure
Timeout errors causing operations to fail User locked out User not notified
Frequently asked questions
How do I access the API
How do I customize the response using API query parameters
How do I audit transaction activity How do I configure external federation authentication
How do I add an external federation provider trust How do I create a relying party trust for the STS How do I add an external federation user account
How do I manage accounts on unsupported platforms How do I modify the appliance configuration settings How do I prevent Safeguard for Privileged Passwords messages when making RDP connections How do I set up telnet and TN3270/TN5250 session access requests How do I set the appliance system time How do Safeguard for Privileged Passwords database servers use SSL What are the access request states What do I do when an appliance goes into quarantine When does the rules engine run for dynamic grouping and tagging Verifying syslog server configuration Why did the password change during an open request
Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions Appendix E: Historical changes by release
What's new in version 2.1.0.5687 What's new in version 2.2.0.6958 What's new in version 2.3.0.7426 What's new in version 2.4.0.7846 What's new in version 2.5.0.8356 What's new in version 2.6.0.8961 What's new in version 2.7.0.9662 What's new in version 2.8.0.10133 What's new in version 2.9.0.10658 What's new in version 2.10.0.10980 What's new in version 2.11.0.11444
Glossary

Settings-Sessions-AssigningAppliance2ArchiveServer

 Welcome to One Identity Support

You can find online support help for*product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

Company
  • About Us
  • Buy
  • Contact Us
  • Careers
  • News
Resources
  • Customer Stories
  • Documents
  • Events
  • Videos
  • Blogs
Related
  • Technical Documentation
  • One Identity University
  • Professional Services
  • Renew Support
  • Licensing Assistance
Social
  • Facebook
  • Instagram
  • Twitter
  • LinkedIn
  • Youtube
대한민국 web site version is selected
  • Albania
  • Angola
  • Anguilla
  • Antigua & Barbuda
  • Argentina
  • Aruba
  • Australia
  • Austria
  • Azerbaijan
  • Bahamas
  • Bahrain
  • Barbados
  • Belgium
  • Belize
  • Benin
  • Bermuda
  • Bolivia
  • Bosnia-Herzegovina
  • Botswana
  • Brazil
  • British Virgin Islands
  • Bulgaria
  • Burkina Faso
  • Burundi
  • Cameroon
  • Canada
  • Cape Verde
  • Cayman Islands
  • Central African Republic
  • Chad
  • Chile
  • 中国
  • Colombia
  • Comros
  • Congo
  • Costa Rica
  • Croatia (Hrvatska)
  • Cyprus
  • Czech Republic
  • Democratic Republic of Congo
  • Denmark
  • Djibouti
  • Dominica
  • Dominican Republic
  • Ecuador
  • Egypt
  • El Salvador
  • Estonia
  • Ethiopa
  • Finland
  • France
  • French Guiana
  • French Overseas Territories
  • French Polynesia
  • Gabon
  • Gambia
  • Germany
  • Ghana
  • Greece
  • Grenada
  • Guadeloupe
  • Guatemala
  • Guinea
  • Guyana
  • Haiti
  • Honduras
  • Hong Kong
  • Hungary
  • Iceland
  • India
  • Ireland
  • Israel
  • Italy
  • Ivory Coast
  • Jamaica
  • 日本
  • Jordan
  • Kenya
  • 대한민국
  • Kuwait
  • Latvia
  • Lesotho
  • Liberia
  • Libya
  • Lithuania
  • Luxembourg
  • Macedonia
  • Madagascar
  • Malawi
  • Malaysia
  • Mali
  • Malta
  • Martinique
  • Mauritania
  • Mauritius
  • Mayotte
  • Mexico
  • Monaco
  • Montenegro
  • Montserrat
  • Mozambique
  • Namibia
  • Netherlands
  • New Caledonia
  • New Zealand
  • Nicaragua
  • Niger
  • Nigeria
  • Norway
  • Oman
  • Panamá
  • Paraguay
  • Peru
  • Philippines
  • Poland
  • Portugal
  • Puerto Rico
  • Qatar
  • Reunion
  • Romania
  • Russian Federation
  • Rwanda
  • Saudi Arabia
  • Senegal
  • Serbia
  • Seychelles
  • Sierra Leone
  • Singapore
  • Slovakia
  • Slovenia
  • Somalia
  • South Africa
  • Spain
  • St. Kitts & Nevis
  • St. Lucia
  • St. Vincent & Grenadines
  • Suriname
  • Swaziland
  • Sweden
  • Switzerland
  • Taiwan
  • Tanzania
  • Thailand
  • Togo
  • Trinidad y Tobago
  • Turkey
  • Turks & Caicos Islands
  • Uganda
  • Ukraine
  • United Kingdom
  • United States
  • Uruguay
  • US Virgin Islands
  • Venezuela
  • Yemen
  • Zambia
  • Zimbabwe
대한민국
한국어 | English

© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center

OK Go to My Account

IE 8, 9, & 10 No longer supported

The One Identity Portal no longer supports IE8, 9, & 10 and it is recommended to upgrade your browser to the latest version of Internet Explorer or Chrome.

Upgrade to IE 11 Click here

Upgrade to Chrome Click here

If you continue in IE8, 9, or 10 you will not be able to take full advantage of all our great self service features.

Close