Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.11.2 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Using the cloud Setting up Safeguard for Privileged Passwords for the first time Search box Using the web client Installing the desktop client Using the desktop client Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions Appendix E: Historical changes by release Glossary

Uninstalling the desktop client

You can uninstall a desktop client.

To uninstall the desktop client

  1. In the Windows Control Panel, open Programs and Features.
  2. Right-click the Safeguard for Privileged Passwords application and choose Uninstall.

Using the desktop client

One Identity Safeguard for Privileged Passwords has two graphical user interfaces that allow you to manage password and session requests, approvals, and reviews for your managed accounts and systems:

  • Windows desktop client: The desktop client consists of an end-user view and an administrator view. The administrative functionality is dynamically enabled based on the user's permissions. The desktop client user interface information follows.
  • Web client: The web client is functionally similar to the desktop client end-user view. For more information, see Using the web client.

NOTE: In this documentation, you will see the following icons which denote the interface:

(web client)

(desktop client)

Desktop client toolbar

The toolbar along the top-right corner of the Safeguard for Privileged Passwords console, has these controls:

Settings (desktop client)

The desktop client console Settings () allows you to configure the desktop client application.

Notifications

Use the following options to control notifications within Safeguard for Privileged Passwords:

  • Run in the System Tray when you close the application.

    When you enable the Run in the System Tray option, you cannot modify the toast notifications option. However, when you disable the Run in the System Tray option, you can enable or disable toast notifications.

    Note: When you enable the Run in the System Tray option, you cannot modify the toast notifications option because in that mode, you always get notifications.

  • Enable Toast Notifications to display event alerts on your console.

    Toast notifications are alerts that appear when the desktop client application is not the active foreground application: for example, when you are in another application or when you have minimized the desktop client.

Reset Notifications: Click Reset Notifications to reenable any notifications pop ups that have been preciously suppressed.

Widgets

Click the toggles to enable (toggle on ) or disable (toggle off ) the Home page widgets:

  • Requests
  • Approvals
  • Reviews

All widgets are enabled by default, indicating that the corresponding controls display on your Home page. The toggles appear blue with the switch to the right when a widget is enabled, and gray with the switch to the left when a widget is disabled.

About dialog tab

Click About Safeguard for Privileged Passwords to display the following information.

  • About: The trademark and copyright information
  • Contact: Information about how to get in touch with One Identity
  • Components: A list of third-party components used in Safeguard for Privileged Passwords
  • Third Party License Text: The license text for third-party components that require this text to be included in the product documentation

User information and log out

On the desktop client, click the user avatar (or the Welcome link with your user name) to modify your personal information, manage email notifications, view current notifications, or log out of Safeguard for Privileged Passwords.

My Account

Click My Account to modify your personal information and manage your email notifications.

NOTE:Safeguard for Privileged Passwords Active Directory users cannot use My Account to modify their email address, phone number, or change their password. They must do these actions in Active Directory

To update your personal information

  1. From the toolbar, select your user avatar and choose My Account. Perform any of the following:
    • To change your image, select  Change Photo.

    • To change your email address or Contact Information, type into the appropriate box.
  2. Click Done to close the My Accounts pane.

To change your user password

  1. From the toolbar, select your user avatar and choose My Account.
  2. To change your user password, click Change Password and complete the information.
  3. Click Done to close the My Accounts pane.

To manage your FIDO2 keys

At least one key must be registered. When a key is added, the placeholder name is Unnamed Key. You can enter a meaningful name or later edit the name. It is recommended that all users have more than one key registered in case a key is lost or damaged.

  1. From the toolbar, select your user avatar and choose My Account.
  2. Click Manage FIDO2 Keys. The name and date each key was registered and last used displays.
    • Click Edit to change the name then click Save. Click Cancel to leave the editing operation.
    • Click Delete to delete a key. One key must remain registered. If a physical security key is lost, always delete the associated key from Safeguard for Privileged Passwords.
    • Click Register New FIDO2 Key to add a key.
      1. You will be asked to insert or connect to the new key.
      2. You will be prompted to reenter your primary credentials for verification.

      3. Tap or activate your new FIDO2 key that is being registered.

      4. You may then go back to the Manage FIDO2 Key page and give your newly registered key a name.

  3. Click Done to close the My Accounts pane.

For more information, see Requiring secondary authentication log in.

To manage the notifications you receive

  1. From the toolbar, select your user avatar and choose My Account.
  2. Click Manage Email Notifications.

    The Manage Email Notifications dialog displays the type of events for which you are receiving email notifications.

    NOTE: When there are no delegated owners assigned to a partition, email notifications related to partitions are sent to the Asset Administrator. However, when a delegated owner is specified to manage the assets and accounts in a partition, email notifications related to partitions are sent to the delegated owner, not to the Asset Administrator.

  3. From this dialog, you can define the types of events for which you want to receive notifications.

    By default, all events are selected. Clear the check box for any events for which you do not want to receive an email notification.

    TIP: Select the check box next to the Events heading to select all of the events in the list. Similarly, clear the check box next to the Events heading to clear all of the event check boxes.

  4. Click OK to save your selections and close the dialog.
  5. Click Done to close the My Accounts pane.
Log Out

Click Log Out to log out of the Safeguard for Privileged Passwords desktop client.

Related Documents