Use the controls and tabbed pages on the Partitions page to perform the following tasks to manage partitions:
Use the controls and tabbed pages on the Partitions page to perform the following tasks to manage partitions:
It is the responsibility of the Asset Administrator to add partitions to Safeguard for Privileged Passwords. When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. For more information, see Setting a default profile.
Name: Enter a unique name for the partition. Limit: 50 characters.
Description: (Optional) Enter information about this partition. Limit: 255 characters.
Name: Enter a unique name for the partition. Limit: 50 characters.
Description: (Optional) Enter information about this partition. Limit: 255 characters.
Click OK to save the partition.
When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. You can:
Use the Assets tab on the Partitions view to add one or more assets to a partition. When you assign an asset to a partition, all the accounts associated with that asset are assigned to that partition, as well.
You can only assign an asset to one partition at a time. When you assign an asset to a partition, all accounts associated with that asset are automatically reassigned to that partition, as well. Then, any new accounts you add for that asset are automatically assigned to that partition.
You can reassign the asset to another partition either from the scope of the other partition or from an asset's General properties. For more information, see Assigning an asset to a partition.
When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About profiles.
If you do not see the asset you are looking for and are an Asset Administrator, you can create it in the dialog by clicking Create New. For more information, see Adding an asset.
Click Select Assets.
If you do not see the asset you are looking for and are an Asset Administrator, you can create it in the dialog by clicking New Asset. For more information, see Adding an asset (desktop client)
On the web client, use the Accounts tab on the Partitions view to add an account to a partition.
You can manage tasks and services on a domain controller (DC) asset. For more information, see Using a domain controller (DC) asset.
Navigate to Asset Management | Partitions.
Select a partition and click Edit.
Open the Accounts tab.
In the Select the asset for the new account dialog, select an asset to associate with this account then click Select Asset.
In the New Account dialog, enter the following information:
On the General tab:
Name:
Description: (Optional) Enter information about this managed account. Limit: 255 characters.
On the Management tab:
Enable Password Request: This check box is selected by default, indicating that password release requests are enabled for this account. Clear this option to prevent someone from requesting the password for this account. By default, a user can request the password for any account in the scope of the entitlements in which they are an authorized user.
Enable Session Request: This check box is selected by default, indicating that session access requests are enabled for this account. Clear this option to prevent someone from requesting session access using this account. By default, a user can make an access request for any account in the scope of the entitlements in which they are an authorized user.
Available for use across all partitions (Only available for some types of directory accounts): When selected, any partition can use this account and the password is given to other administrators. For example, this account can be used as a dependent account or a service account for other assets. Potentially, you may have assets that are running services as the account, and you can update those assets when the service account changes. If not selected, partition owners and other partitions will not know the account exists. Although archive servers are not bound by partitions, this option must be selected for the directory account for the archive server to be configured with the directory account.
Click OK.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center