Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 6.0.11 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions SPP glossary

Appliance settings

Use the Appliance settings to view general information about the appliance, run diagnostic tools, and reset or update the One Identity Safeguard for Privileged Passwords hardware appliance.

Safeguard for Privileged Passwords can be set up to use a virtual appliance. For more information, see Using the virtual appliance and web management console.

Navigate to Administrative Tools | Settings | Appliance.

One Identity Safeguard for Privileged Passwords provides the following information to help you resolve many common problems you may encounter as you deploy and use your appliance.

Table 108: Appliance settings
Setting Description

Appliance Diagnostics

Where you execute a trusted, secure diagnostics package to help solve a configuration issue, synchronization issue, clustering issue, or other internal issues.

Appliance Information

Where you view general information about the appliance, as well as its performance utilization and the memory usage. This page also contains power controls to shut down or restart your appliance.

Network Diagnostics

Where you run diagnostic tests on your appliance.

Enable or Disable Services

Where you enable or disable the Application to Application functionality.

Factory Reset from the desktop client

Where you perform a factory reset to revert your appliance to its original state when it first came from the factory.

Licensing

Where you add or update a Safeguard for Privileged Passwords license.

Lights Out Management (BMC)

Where you enable and disable lights out management, which allows you to remotely manage the power state and serial console to Safeguard for Privileged Passwords using the baseboard management controller (BMC).

Networking

Where you view and configure the primary network interface, and if applicable, the sessions network interface.

Operating system licensing

Where you configure the operating system for the virtual appliance.

Support bundle

Where you create a support bundle containing system and configuration information to send to One Identity Support to analyze and diagnose issues with your appliance.

Time

Where you enable Network Time Protocol (NTP) and set the primary and secondary NTP servers.

NOTE: A replica in the cluster will always reference the primary appliance as its NTP server.

Updates

Where you upload and install an update file. For more information, see Updates.

In addition to the appliance options, One Identity Safeguard for Privileged Passwords provides these troubleshooting tools:

Table 109: Additional troubleshooting tools
Tool Description

Activity Center

View the details of specific events or user activity. For more information, see Activity Center.

LCD status messages

An LCD screen on the appliance to view the status of the appliance as it is starting up or shutting down. For more information, see LCD status messages.

Recovery Kiosk (Serial Kiosk)

A terminal or laptop connected directly to the appliance to view basic appliance information, restart the appliance remotely, shut down the appliance, reset the bootstrap administrator’s password to its initial value, perform a factory rest, or to generate and send a support bundle to a Windows share. For more information, see Recovery Kiosk (Serial Kiosk).

Appliance Diagnostics

Appliance Administrators can execute a trusted, secure appliance diagnostics package to help solve issues with configuration, synchronization, and clustering, as well as other other internal challenges. The appliance diagnostics package is available from the web Support Kiosk, not the Serial Kiosk (Recovery Kiosk). The appliance diagnostics package can be used even when the appliance is in quarantine. To protect against external threats, Safeguard rejects illegitimate appliance diagnostics packages. The manifest file in the appliance diagnostics package lists criteria that may include the minimum Safeguard version, appliance ID, and expiration time-stamp UTC. New product code and database changes are not included in an appliance diagnostics package.

Navigate to Administrative Tools | Settings | Appliance | Appliance Diagnostics.

  1. The state of the appliance displays (for example, Online). Click Refresh to update the state.
  2. If no appliance diagnostics package has been loaded, click Upload Diagnostics, select the appliance diagnostics package file that has an .sgd extension, then click Open.
    • If the upload criteria is not met, the appliance diagnostics package is not uploaded and a message like the following displays: The minimum Safeguard version needed to run this diagnostic package is <version>.
    • If the upload is successful, the Diagnostic Package Information displays with the Status of Staged. You can:
      • Select Execute and wait until the Status changes to Completed or Error.
      • Select Remove to delete the appliance diagnostics package and the associated log file.
  3. Once uploaded, you can perform these activities.
    • If the Expiration Date has not passed, you can select Execute to execute the appliance diagnostics package again.
    • Select Delete to delete the appliance diagnostics package, the associated log file, and stop any appliance diagnostics package that is running. Before uploading a different appliance diagnostics package, you must delete the current one because there can be only one appliance diagnostics package per appliance.
    • Select Download Log to save the log file. Audit log entries are available through the Activity Center during and after execution and are part of the appliance history. A log is also available during and after execution until the diagnostic package has been deleted.

Appliance Information

It is the responsibility of the Operations Administrator or the Appliance Administrator to monitor the status of the appliance.

To go to Appliance Information:

  • From the web client, click the  Settings menu on the left to go to the Settings: Appliance page. Click Appliance Information.
  • From the desktop client, navigate to Administrative Tools | Settings | Appliance | Appliance Information.

The following information displays.

Table 110: Appliance properties
Property Description
Appliance Name

The name of the appliance.

To modify this name, click Edit.

Host The appliance network server IP address.
Client Version (If applicable) The version of the Safeguard for Privileged Passwords desktop client application.
Appliance Version The version of the Safeguard for Privileged Passwords Appliance.
Uptime The amount of time (hours and minutes) the appliance has been running.

(web client) Power (shut down or restart)

Power

Use the Settings: Appliance page, Power, you can enter a Reason and click the button to shut down or restart your appliance.

(desktop client) Additional information and power down

In the desktop client, the view also contains two tabbed pages to display general information and performance data for the appliance.

Appliance: General tab properties

Disk displays the amount of used and free disk space.

Table 111: General tab: Appliance properties
Property Description
Manufacturer The system manufacturer.
Model The system model.
Bios Description The system bios description.
Bios Serial Number The system's bios serial number.
Serial Number The media access control address (MAC address) assigned to the network interface for communications.
Ship Date The appliance ship date.
Processor The processor information.
Virtual Memory The virtual memory allocation.
Physical Memory

The physical memory allocation.

TLS 1.2 only

Toggle on

Toggle off

Click this toggle to disable earlier versions of the Transport Layer Security (TLS) protocol and use only TLS v1.2.

NOTE: You must reboot your appliance after enabling TLS 1.2 only.

Power

Use the power controls to shut down or restart your appliance.

Appliance: Performance tab properties

Table 112: Performance tab: Performance properties
Property Description
Processor Displays the CPU information and the performance utilization of your appliance.
Memory Displays the memory usage of your appliance; what is currently in use and what is free.

Setting the appliance name

Safeguard for Privileged Passwords automatically assigns a name to the appliance; however, you can change the name from the desktop client, Appliance Information page.

To set the appliance name

  1. From the desktop client, navigate to Administrative Tools | Settings | Appliance | Appliance Information.
  2. Click Edit to enable the Appliance Name text box.
  3. Enter a new appliance name and click Save.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating