Access Request Policies (account)
The Access Request Policies tab displays the entitlements and access request policies, including password and SSH key release policies and session request policies, associated with the selected account. This information is available to users that have both Asset Administrator and Policy Administrator permissions.
To access Access Request Policies, in the web client, navigate to Asset Management > Accounts > View Details > Access Request Policies.
Table 83: Accounts: Access Request Policies tab properties
Entitlement |
The name of the access request policy's entitlement. |
Access Request Policy |
The name of the access request policy that governs the selected account. |
Accounts |
The number of unique accounts in the account groups that are associated with the access request policy. |
# Account Groups |
The number of unique account groups in the access request policy. |
Account Groups |
The names of the account groups that associate the selected account with the policy. |
Assets |
The number of unique assets in the asset groups that are associated with the access request policy. |
# Asset Groups |
The number of unique assets groups in the access request policy. |
Asset Groups |
The names of the asset groups that associate the selected account with the policy. |
Use these buttons on the details toolbar to manage the dependent assets.
Table 84: Accounts: Access Request Policies tab toolbar
Add to Policy |
Add the selected account to the scope of an access request policy. |
Remove Selected |
Remove the selected policy. |
Refresh |
Update the list of dependent assets assigned to the selected account. |
Search |
To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see Search box.. |
Check and Change Log tab (account)
The Check and Change Log tab displays the password and SSH key validation and reset history for the selected account.
By default, the check and change log entries displayed are for the last 24 hours. On the web client, use the Date Range drop-down to select a time frame to display and use Export to export the listed data as either a JSON or CSV file (for more information, see Exporting data). If the display does not refresh after selecting a different time interval, click the Refresh.
To access Check and Change Log:
Table 85: Accounts: Check and Change Log tab properties
User |
The display name of the user that triggered the event. |
Status |
The status of the transaction:
|
Reason |
A system message pertaining to the password and SSH key validation and reset activity, such as the password matches the asset, was changed successfully, or does not match the asset. |
Type |
The type of transaction:
-
Check Password
-
Change Password
-
Check SSH Key
-
Change SSH Key
NOTE: Check and Change Log only displays events that the appliance performs; that is, it only displays check and change transactions. It does not display Set Password or Set SSH Key transactions. See:
|
Date/Time |
The date of the transaction. The timestamps for transactions are based on the user's local time. |
Duration |
The amount of time the transaction took to complete. |
Discovered Services tab (account)
The Discovered Services tab displays information on the services dependent to a selected account. This tab is only available for Windows and Active Directory accounts.
To access Discovered Services, in the web client, navigate to Asset Management > Accounts > View Details > Discovered Services.
Use these buttons to manage the discovered services.
Table 86: Discovered Services: Toolbar
Discover Services |
Run the discover services task for each unique Windows asset in the grid below.
IMPORTANT: Before running a service discovery job, ensure you have used unique names for the services. Services with identical names but different service types may not be accurately discovered. For example, an account/asset using the name test1 that appears under both Windows and Windows SSH will only return one discovery result despite there being 2 assets/accounts. |
Export |
Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data. |
Refresh |
Update the list of service discovery jobs. |
Search |
To locate one or more assets, enter the character string to be used to search for a match. Click Search, and select an attribute to search on or type in a colon and the attribute text string for one or multiple attributes. For more information, see For more information, see Search box.. |
The following displays for each discovered service.
Table 87: Accounts: Discovered Services tab properties
Asset Name |
The name of the Windows asset. |
Partition |
The name of the partition associated with the Windows asset. |
Dependent Account |
A check displays if the account is associated as an account dependency on the asset. The value is blank if the account is not associated as an account dependency of the asset. |
Service Type |
Type of service discovered. Values may be Service or Task. |
Service Name |
The name of the discovered service or task. |
Service Enabled |
A check displays if the service or task on the asset is enabled. If there is no check mark, the service or task is disabled. |
Discovered Account |
The discovered service account name configured. |
Date/Time Discovered |
The date and time when the service or task was discovered. |
Discovered SSH Keys (account)
The Discovered SSH Keys tab displays the discovered SSH keys for the account.
To access Discovered SSH Keys, in the web client, navigate to Asset Management > Accounts > View Details > Discovered SSH Keys.
Table 88: Accounts: Discovered SSH Keys tab properties
Fingerprint |
The fingerprint of the SSH key used for authentication. |
Account Status |
The status of the Safeguard account. |
SSH Key Managed |
This column will have a check mark indicating the SSH key currently in use on the account. |
Comment |
Free form comment. |
Key Type |
SSH key identity type such as RSA or DSA. For more information, see SSH Key Profiles.. |
Key Length |
The supported RSA or DSA key length displays. |
Asset Name |
Name of the asset associated with the account. |
Account |
The name of the account where the SSH key was discovered. |
Date/Time Discovered |
The date and time when the SSH key was discovered. |
Use these buttons on the details toolbar.
Table 89: Accounts: Discovered SSH Keys tab toolbar
Discover SSH Keys |
Run the selected SSH Key Discovery job. A Task pop-up display which shows the progress and completion.
The button is enabled when the configuration is complete, including a profile (which has a schedule). For more information, see SSH Key Profiles tab (partitions).. |
Revoke |
Use this button to revoke access for unmanaged SSH keys. |
Refresh |
Update the list of dependent assets assigned to the selected account. |
Search |
To locate a specific dependent asset in this list, enter the character string to be used to search for a match. For more information, see For more information, see Search box.. |