Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 7.0.3.1 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Enable or Disable Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions About us

Creating a password profile

It is the responsibility of the Asset Administrator or the partition's delegated administrator to add password profiles to partitions.

To add a password profile to a partition

  1. Navigate to Asset Management > Partitions.

  2. In Partitions, select a partition from the object list and click View Details.

  3. Open the Password Profiles tab.

  4. Click New Profile from the details toolbar.

  5. On the General tab, supply the following information:

    1. Name: Enter a unique name for the profile. Limit: 50 characters

    2. Description: Enter information about this profile. Limit: 255 characters

  6. On the Check Password tab, select a previously defined check password setting from the drop-down menu or click Add to add a new check password setting. These are the rules used to verify account passwords. For more information, see Adding check password settings.

  7. On the Change Password tab, select a previously defined change password setting from the drop-down menu or click Add to add a new change password setting. These are the rules used to reset account passwords. For more information, see Adding change password settings.

  8. On the Account Password Rule tab, select a previously defined account password rule or click Add to add a new account password rule. An account password rule is a complexity rule that governs the construction of the new password created by Safeguard for Privileged Passwords during an automatic password change. For more information, see Adding an account password rule.

  9. Click OK to save your selections and create the profile.
  10. When creating a new profile, the Password Sync Groups tab is not available. This tab is displayed while editing a profile. You can use the Password Sync Groups tab to add or update a password sync group governed by the profile change schedule. For more information, see Password sync groups.

Creating an SSH key profile

It is the responsibility of the Asset Administrator or the partition's delegated administrator to add SSH key profiles to partitions.

To add an SSH key profile to a partition

  1. Navigate to Asset Management > Partitions.

  2. In Partitions, select a partition from the object list and click View Details.

  3. Open the SSH Key Profiles tab.

  4. Click New Profile from the details toolbar.

  5. On the General tab, supply the following information:

    1. Name: Enter a unique name for the profile. Limit: 50 characters

    2. Description: Enter information about this profile. Limit: 255 characters

  6. On the Check SSH Key tab, select a previously defined check SSH key setting from the drop-down menu. These are the rules Safeguard for Privileged Passwords uses to verify account SSH keys. For more information, see Adding SSH key check settings .

  7. On the Change SSH Key tab, select a previously defined change SSH key setting from the drop-down menu. These are the rules used to reset account SSH keys. For more information, see Adding SSH key change settings.

  8. On the Discover SSH Key tab, select a previously defined discover SSH key settings selection. These are the rules used to discover SSH keys. For more information, see Adding SSH key discovery.

  9. Click OK to save your selections and create the profile.

When creating a new partition SSH key profile, the SSH Key Sync Groups tab is not displayed. This tab is displayed while editing a partition SSH key profile. You can use the SSH Key Sync Groups tab to add or update an SSH key sync group governed by the profile change schedule. For more information, see SSH Key Sync Groups settings.

Setting a default partition

Each Asset Administrator can set a unique default partition and profile so that all new assets that administrator adds are automatically assigned to the default partition and default profile. For more information, see Setting a default profile.

To set the default partition

  1. Navigate to Asset Management > Partitions.
  2. In Partitions, select a partition and click Set as Default from the toolbar.

Setting a default profile

When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. Each Asset Administrator can set a unique default partition and profile. Once you set a default profile, all new assets and accounts you add are automatically assigned to that profile.

Safeguard for Privileged Passwords sets the default schedules to "Never" verify or reset passwords or SSH keys.

When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About profiles.

To set another profile as the default

  1. Navigate to Asset Management > Partitions.
  2. In Partitions, select a partition and click View Details.

  3. Open the Password Profiles or SSH Key Profiles tab.
  4. Select a profile that is not the current default and click  Set as Default from the details toolbar or context menu. (When you select the default profile, the  Set as Default icon is grayed out.)
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating