Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 7.0 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Enable or Disable Services External Integration Real-Time Reports Safeguard Access
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings Reasons
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions About us

FIDO2 keys

If the FIDO2 feature is enabled, at least one FIDO2 key must be registered. When a key is added, the placeholder name is Unnamed Key. You can enter a meaningful name or later edit the name. It is recommended that all users have more than one key registered in case a key is lost or damaged.

  1. In the upper right corner, next to your user name, click .
  2. Click My Settings.
  3. Open the My Account tab.
  4. Click Manage FIDO2 Keys. For existing keys, you will see the name and date each existing key was registered and last used.
  5. Perform an action:
    • To change a name, enter the new name, then click Save.
    • To remove a key, click Remove by the key. One key must remain registered. If a physical security key is lost, always delete the associated key from Safeguard for Privileged Passwords.
    • To add a key, click Register New FIDO2 Key.
      1. You will be asked to insert or connect to the new key.
      2. You will be prompted to reenter your primary credentials for verification.

      3. Tap or activate your new FIDO2 key that is being registered.

      4. You may then go back to the Manage FIDO2 Key page and give your newly registered key a name, then click Save.

For more information, see Requiring secondary authentication log in.

Application switcher

Accessible from the toolbar, the application switcher allows you to navigate between One Identity products related to Safeguard for Privileged Passwords.

To use the application switcher

  1. In the upper right corner, next to your user name, click the button to display the One Identity products available for access. Some products, such as Safeguard for Privileged Sessions, require they be linked before becoming available in the application switcher.

  2. Click one of the listed products to open it in a new tab.

Log out

Always securely log out of the web client. Log events are created based on how the user logged out: UserLoggedOut or InactiveUserLoggedOut.

To log out

  1. In the upper right corner, next to your user name, click .
  2. Click Log Out to securely exit the Safeguard for Privileged Passwords web client.

Search box

The search box can be used to filter the data being displayed. When you enter a text string into the search box, the results include items that have a string attribute that contains the text that was entered. This same basic search functionality is also available for many of the detail panes and dialogs, allowing you to filter the data displayed in the associated pane or dialog.

When searching for objects in the object lists, an attribute search functionality is also available where you can filter the results, based on a specific attribute. That is, the search term matches if the specified attribute contains the text. To perform an attribute search, click the icon to select the attribute to be searched.

Rules for using the search functionality:

  • Search strings are not case-sensitive. Exception: the Approvals and Reviews searches are case sensitive.
  • When you click on the search icon in the search bar you will see a drop down of available search attributes (columns) for the grid. This can be used in conjunction with the entered search strings.

    Some of the search attributes will also have an arrow to expand subsearches. These subsearches have pre-defined search strings.

  • By default, results are displayed in alphabetical order.
  • Wild cards are not allowed.
  • Try using quotes and omitting quotes. As you use the product, you will become familiar with the search requirements for the search fields you frequent. Safeguard may perform a general search (for example, omits quotes) or a literal search (for example, includes quotes). Example scenarios follow:

    • On Appliance Management | Search, search strings must be an exact match because a literal search is performed. Do not add quotes or underlines. For example, from the Settings pane, enter password rule to return Safeguard Access | Local Password Rule. If you enter "password rule" or password_rule, the following message is returned: No matches found.
    • On the Users pane search box, you can use quotes in an attribute search if there are spaces in the search name. For example, entering the following in the search box Username: "ab misc2" returns: AB misc2.

  • When multiple search strings are included, all search criteria must be met in order for an object to be included in the results list. In the web client, if conflicting attributes are entered for the same search (for example, both true and false) then the results will expand to show all matches so long as they fit one of those attributes.
  • When you combine a string search and an attribute search, the order they are entered into the search box matters. The attribute searches can be in any order, but the string search must come after the attribute searches.
  • To search using dates and times in the web client, the following format is used: YYYY-MM-DDThh:mm:ss. For example, if you are searching for an entitlement that expires December 1, 2021 then you would use the following search: ExpirationDate:2021-12-01. To include a minimum and maximum value in a search, use .. to separate two values. For example, if you are searching for an entitlement that expires between December 1, 2021 and December 3, 2021 then you would use the following search: ExpirationDate:2021-12-01..2021-12-03.

To search for objects or object details

  1. Enter a text string in the Search box. As you type, the list displays items whose string attributes contain the text that was entered.

    Examples:

    • Enter T in the search box to search for items that contain the letter "T".
    • Enter sse to list all items that contain the string "sse," (such as "Asset").

    NOTE: The status bar along the bottom of the console shows the number of items returned.

  2. To clear the search criteria, click the button in the search box.

    When you clear the search criteria, the original list of objects is displayed.

You can also Search by attribute.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating