
One Identity Safeguard for Privileged Passwords 7.5.x - Administration Guide


Properties (account)

The Properties tab lists information about the selected account.

To access Properties:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Properties.

Information for the account displays. Not all the information listed below is applicable for every account.

The following options are available on the top of the Properties tab:

  • Discover SSH Keys: Use this option to run the selected SSH Key Discovery job.
  • Enable-Disable: Select one of the following:

    Select Enable to have SPP manage a disabled asset. Account Discovery jobs find all accounts that match the discovery rule's criteria regardless of whether it has been marked Enabled or Disabled in the past.

    Select Disable to prevent SPP from managing the selected asset. When you disable an asset, SPP disables it and removes all associated accounts. If you choose to manage the asset later, SPP re-enables all the associated accounts.

The following fields and options display on the secondary tabs on the Properties tab based on the type of asset (for example, Windows, Linux, LDAP, or Active Directory). Clicking the Edit button on one of the secondary tabs allows you to edit the account.

Table 74: Accounts Properties tab: General properties

  • Name: The name of the selected account.

  • Description: Description of the selected account.

  • Asset: The display name of the managed system associated with this account. Accounts are only associated with one asset.

Table 75: Accounts Properties tab: Management properties

  • Access Requests: Indicates which type(s) of access requests are enabled for this account.

  • Password Profile: The name of the password profile that governs the accounts assigned to a partition.

    When a password profile is inherited from an asset or partition this will be indicated by the text (Inherited) next to the name of the password profile. When the password profile is explicitly set, a button will appear that allows you to clear the explicitly set password profile and instead use the inherited password profile.

  • SSH Key Profile: The name of the SSH key profile.

    When an SSH key profile is inherited from an asset or partition this will be indicated by the text (Inherited) next to the name of the SSH key profile.

    When the SSH key profile is explicitly set, a button will appear that allows you to clear the explicitly set SSH key profile. Once the cleared profile change is applied, the assigned inherited profile will be displayed. If there is no default SSH key profile designated for the partition, the asset will no longer have an SSH key profile assigned. If there is no SSH key profile explicitly set on the asset, the accounts on that asset will no longer have an SSH key profile assigned. Designating a default SSH key profile for the partition will ensure all assets and accounts in that partition have an inherited SSH key profile.
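
The SSH key profile inheritance described above, modelled as an added example. This is not One Identity code and does not use the SPP API; the class names, field names, and profile names are hypothetical, and the sample data is constructed. It resolves each account's effective profile and lists the accounts left with none when explicit profiles are cleared in a partition that has no default.

```python
# Added illustration: hypothetical model of the inheritance rules described
# above. Names are assumptions; this is not SPP code or the SPP API.
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Partition:
    name: str
    default_profile: Optional[str] = None   # default SSH key profile, if designated


@dataclass
class Asset:
    name: str
    partition: Partition
    explicit_profile: Optional[str] = None  # set directly on the asset


@dataclass
class Account:
    name: str
    asset: Asset
    explicit_profile: Optional[str] = None  # set directly on the account


def effective_profile(acct: Account) -> Tuple[Optional[str], str]:
    """Return (profile name, where it came from) for one account."""
    if acct.explicit_profile:
        return acct.explicit_profile, "explicit"
    if acct.asset.explicit_profile:
        return acct.asset.explicit_profile, "inherited from asset"
    if acct.asset.partition.default_profile:
        return acct.asset.partition.default_profile, "inherited from partition"
    return None, "unassigned"


def unassigned_accounts(accounts):
    """Names of accounts that end up with no SSH key profile at all."""
    return [a.name for a in accounts if effective_profile(a)[0] is None]


# Constructed sample data: one partition without a default profile.
legacy = Partition("Legacy")                       # no default designated
prod = Partition("Prod", default_profile="Rotate-30d")
db01 = Asset("db01", legacy, explicit_profile="Rotate-7d")
web01 = Asset("web01", prod)
ACCOUNTS = [Account("svc_backup", db01), Account("deploy", web01),
            Account("root", db01, explicit_profile="Break-glass")]
```

In this sample, clearing the explicit profile on db01 leaves svc_backup with no SSH key profile until the Legacy partition is given a default.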

Table 76: Accounts Properties tab: Secrets properties
Property Description
Passwords

This tile is for managing the password for the account. The following options are available from the tile:

  • View Archive: Available once a password has been set, clicking this link displays previously assigned passwords for the selected asset. This dialog does not display the current password for the asset. The password archive is never purged. For more information, see Viewing password archive.

  • Set: Click this button to set the account password in the SPP database. The Set option does not change the account password on the asset.

  • Check: Click this button to verify the account password is in sync with the SPP database. If the password verification fails, you can change it.

  • Change: Click this button to reset and synchronize the account password with the SPP database.

For more information, see Checking, changing, or setting an account password.

TOTP Authenticator

This tile is for managing the TOTP Authenticator for the account. The following options are available from the tile:

SSH keys

This tile is for managing the SSH keys for the account. The following options are available from the tile:

  • View Archive: Available once an SSH key has been set, clicking this link displays previously assigned SSH keys for the selected asset. This dialog does not display the current SSH key for the asset. The SSH key archive is never purged. For more information, see Viewing SSH key archive.

  • Set: Click this button to set the SSH key in the SPP database. The Set option does not change the account SSH key on the asset.

  • Check: Click this button to verify the account SSH key is in sync with the SPP database. If the SSH key verification fails, you can change it.

  • Change: Click this button to reset and synchronize the SSH key with the SPP database.

For more information, see Checking, changing, or setting an SSH key.

API keys

Viewing API Key Archive

  • New API Key: Click this button to add a new API key to an account. For more information, see Adding an API key.

Each API key configured for the account will have a tile containing the following options:

NOTE: Should 4 or more API keys be configured, the tiles will be condensed into a single summary tile. To access and manage the individual API keys, click the name of the tile (API Keys <n>). This will open a pane containing a table view of the configured API keys as well as toolbar options for managing the keys.

  • View Archive: Click this link to access an archive of the API Key. For more information, see Viewing API Key Archive.

  • Set: Click this button to set the API key in the SPP database. The Set option does not change the account API key on the asset.

  • Check: Click this button to verify the account API key is in sync with the SPP database. If the API key verification fails, you can change it.

  • Change: Click this button to reset and synchronize the API key with the SPP database.

  • (Remove): Click this button to remove a previously configured API Key.

For more information, see Checking, changing, or setting an API key.

Files

This tile is for managing the files for the account. The following options are available from the tile:

  • View Details: Available after a file has been set, clicking this link displays the previously assigned file for the selected account.

  • View Archive: Available after a file has been set, clicking this link displays previously assigned files for the selected account.

  • Set: Click this button to set the file.

Tags: Tag assignments for the selected account.

The information displayed in the Tags pane includes both the dynamic tags added through tagging rules and static tags that were added manually. In addition to viewing tag assignments, Asset Administrators can add and remove statically assigned tags.

Delete: Click this button to delete the selected account.

Owners tab (account)

The Owners tab displays information about the owners associated with the account (and its associated assets). For more information on altering the owners assigned via tags, see Modifying an asset or asset account tag.

To access Owners:

  • web client: Navigate to Asset Management > Accounts > (View Details) > Owners.

The Owners tab has three views: Account Owners, Asset Owners, and Partition Owners.

Table 77: Accounts: Owners tab properties

Account Owners

  • Type: The type of owner.
  • Name: The name of the owner.
  • Provider: The name of the authentication provider.
  • Direct: This column indicates the ownership of the object was assigned directly rather than through the use of a tag.
  • Via Tag: This column indicates the ownership of the object was assigned through the use of a tag.

Asset Owners

  • Type: The type of owner.
  • Name: The name of the owner.
  • Provider: The name of the authentication provider.
  • Direct: This column indicates the ownership of the object was assigned directly rather than through the use of a tag.
  • Via Tag: This column indicates the ownership of the object was assigned through the use of a tag.

Partition Owners

  • Type: The type of user or group.
  • Name: The name of the user or group.
  • Provider: The name of the authentication provider.

Use the following buttons on the details toolbar to manage the objects owned by the selected account.

Table 78: Accounts: Owners toolbar

  • Add: Add one or more users or user groups to the selected account. For more information, see Adding users or user groups to an account.
  • Remove: Remove the selected object from being a manager of the selected account. You can only remove objects directly assigned to an account (as opposed to those assigned via the use of a tag).
  • Export: Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.
  • Refresh: Update the list of owners/managers.
  • Search: To locate a specific object in this list, enter the character string to be used to search for a match. For more information, see Search box.

Dependent Assets (account)

The Dependent Assets tab is displayed only for a directory account and lists the assets that have a dependency on the selected directory account. For more information, see Adding account dependencies.

To access Dependent Assets, in the web client, navigate to Asset Management > Accounts > View Details > Dependent Assets.

Table 79: Accounts: Dependent Assets tab properties

  • Name: The Windows asset name.
  • Network Address: The network DNS name or IP address of the managed system.
  • Platform: The platform of the selected managed system.
  • Asset Partition: The partition where the Windows asset is assigned.

Use these buttons on the details toolbar to manage the dependent assets.

Table 80: Accounts: Dependent Assets tab toolbar

  • Refresh: Update the list of dependent assets assigned to the selected account.
  • Search: To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see Search box.

Access Request Policies (account)

The Access Request Policies tab displays the entitlements and access request policies, including password and SSH key release policies and session request policies, associated with the selected account. This information is available to users that have both Asset Administrator and Policy Administrator permissions.

To access Access Request Policies, in the web client, navigate to Asset Management > Accounts > View Details > Access Request Policies.

Table 81: Accounts: Access Request Policies tab properties

  • Entitlement: The name of the access request policy's entitlement.
  • Access Request Policy: The name of the access request policy that governs the selected account.
  • Accounts: The number of unique accounts in the account groups that are associated with the access request policy.
  • # Account Groups: The number of unique account groups in the access request policy.
  • Account Groups: The names of the account groups that associate the selected account with the policy.
  • Assets: The number of unique assets in the asset groups that are associated with the access request policy.
  • # Asset Groups: The number of unique asset groups in the access request policy.
  • Asset Groups: The names of the asset groups that associate the selected account with the policy.

Use these buttons on the details toolbar to manage the dependent assets.

Table 82: Accounts: Access Request Policies tab toolbar

  • Add to Policy: Add the selected account to the scope of an access request policy.
  • Remove Selected: Remove the selected policy.
  • Refresh: Update the list of dependent assets assigned to the selected account.
  • Search: To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see Search box.
