Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 6.0.11 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions SPP glossary

Upload

Safeguard for Privileged Passwords allows you to retrieve a backup file from a file location and add it to the Safeguard for Privileged Passwords Backup and Restore page list on the appliance.

To upload a backup file

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Click  Upload.
  3. Browse to select a backup file and click Open.

Restore

Safeguard for Privileged Passwords allows you to restore the data on your appliance with data from a selected backup. Safeguard for Privileged Passwords does not restore the appliance IP address, NTP settings, or the DNS settings. To verify that these settings are correct after a restore, go to Settings | Appliance Information.

Caution: If you restore a backup that is older than the Maximum Password Age set in the Login Control settings, all user accounts (including the bootstrap administrator) will be disabled and you will have to reset all of the user account passwords. If your bootstrap administrator's password is locked out, you can reset it from the Recovery Kiosk. For more information, see Admin password reset.

IMPORTANT: For on-prem VM (Hyper-V or VMware) only: If you upgrade from 2.x to 6.0 then restore a backup taken prior to 6.0, you will need to reassign session connections. See KB Article xxxx for resolution steps.

Version considerations when restoring a backup

An Appliance Administrator can restore backups as far back as Safeguard for Privileged Passwords version 2.2.0.6958. Only the data is restored; the running version is not changed.

If the administrator attempts to restore a version earlier than 2.2.0.6958, a message like the following displays: Restore failed because the backup version '[version]' is older than the minimum supported version '2.2.0.6958' for restore.

You cannot restore a backup from a version newer than the one running on the appliance. The restore will fail and a message like the following displays: Restore failed because backup version [version] is newer then the one currently running [version].

The backup version and the running version display in the Activity Center logs that are generated when Safeguard starts, completes, or fails a restore.

To restore the Safeguard for Privileged Passwords appliance from a selected backup

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Select a backup. If the backup file is not listed, you can Upload it first.
  3. Click Restore.
  4. When the Restore dialog diplays, enter the word Restore in the box and click OK.

    Safeguard for Privileged Passwords automatically restarts the appliance, if necessary.

  5. After restoring from backup verify that the following are set correctly.

    • Check the archive server in the automated backup schedule. If necessary, set the correct archive server. For more information, see Archive backup.
    • Check the archive server in the session archive settings. If necessary, set the correct archive server. If you used the embedded sessions module and had an archive server configured, the archive server must be configured to play back the archived sessions.

    • If you restored a backup to a different appliance, managed networks will no longer have any assigned appliances. Password management and discovery tasks will fail. For more information, see Managed networks.
  6. Once the appliance is fully operational, it asks you to restart the Windows desktop client. All modifications to Safeguard for Privileged Passwords objects since the backup was created will be lost.

Caution: After a restore, requesters, approvers, and reviewers will not have access to any access request workflow events that were in process at the time of the backup. The Activity Center displays those workflow events as incomplete.

Archive backup

Safeguard for Privileged Passwords allows you to store backup files on an external archive server.

To archive a backup file

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Select the backup to be archived.
  3. Click  Archive and select Archive Backup.
  4. In the Archive Servers selection dialog, choose an archive server.

    NOTE: You can add an archive server from the Archive Servers selection dialog by clicking the Add Archive Server toolbar button.

Safeguard for Privileged Passwords copies the backup file to the archive server.

Backup retention

It is the responsibility of the Appliance Administrator to configure the maximum number of backup files you want Safeguard for Privileged Passwords to store on the appliance.

To configure the appliance backup retention settings

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard for Privileged Passwords Backup Retention.
  2. Select the Enable Backup Retention check box.
  3. Enter the maximum number of backup files you want to store on the appliance.
  4. Click OK.

Once Safeguard for Privileged Passwords saves the maximum number of backup files, next time it performs a backup, it deletes the backup file with the oldest date.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating