Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.11 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Using the cloud Setting up Safeguard for Privileged Passwords for the first time Search box Using the web client Installing the desktop client Using the desktop client Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions Appendix E: Historical changes by release Glossary

Starting the desktop client

The following steps assume the Safeguard for Privileged Passwords 2000 Appliance has been configured and licensed. As a Safeguard for Privileged Passwords user, if you get an appliance is unlicensed notification, contact your Appliance Administrator.

To start the desktop client application

  1. From the Windows Start menu, choose Safeguard.
  2. On the server selection screen, enter or select the server's network DNS name or IP address to connect to the appliance over the network and click Connect.

    Note: When entering an IPv6 address, enclose the IPv6 address in square brackets.

  3. You will see a message like: You'll now be redirected to your web browser to complete the login process. You can select: Don't show this message again. Then, click OK.
  4. On the user login screen, enter your credentials and click Log in.

    • User Name: Enter your user or display name. Do not include spaces in the User Name.

      NOTE: When using directory account credentials, you have the option to enter your domain\name.
    • Password: Enter the password associated with the user entered above.
  5. If your Safeguard for Privileged Passwords user account requires you to log in with secondary authentication, enter the secure password token code, or other authentication for your authentication service provider account and click Submit.

    Note:The type and configuration of the secondary authentication provider (for example, RSA SecureID, FIDO2, One Identity Starling Two-Factor Authentication, and so on) determines what you must provide for secondary authentication. Check with your system administrator for more information about how to log in to Safeguard for Privileged Passwords with secondary authentication.

  6. When login is successful, you can close the web browser and return to the Safeguard application.

To remove server DSN names or IP addresses no longer used

The DSN name or IP address on the server selection screen may be no longer used. If you want to remove one or more selections, you can edit the user.config file using a text editor like Notepad.

  1. Go to:

    C:\Users\<YourSafeguardUserName>\AppData\Local\One_Identity_LLC\Client.Desktop.UI.exe_Url_<UniqueGUID\<ClientVersion>\user.config

  2. Make a backup copy of user.config in case you want to return to the file.
  3. Open the file and edit the following section to list only the addresses you want:

    <setting name="ClusterHistory" serializeAs="Xml">

    <value>

    <ArrayOfString xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <string>10.5.33.57</string>

    </ArrayOfString>

    </value>

    </setting>

  4. Save the updated file.
  5. Log on to verify the correct selections display.

Uninstalling the desktop client

You can uninstall a desktop client.

To uninstall the desktop client

  1. In the Windows Control Panel, open Programs and Features.
  2. Right-click the Safeguard for Privileged Passwords application and choose Uninstall.

Using the desktop client

One Identity Safeguard for Privileged Passwords has two graphical user interfaces that allow you to manage password and session requests, approvals, and reviews for your managed accounts and systems:

  • Windows desktop client: The desktop client consists of an end-user view and an administrator view. The administrative functionality is dynamically enabled based on the user's permissions. The desktop client user interface information follows.
  • Web client: The web client is functionally similar to the desktop client end-user view. For more information, see Using the web client.

NOTE: In this documentation, you will see the following icons which denote the interface:

(web client)

(desktop client)

Desktop client toolbar

The toolbar along the top-right corner of the Safeguard for Privileged Passwords console, has these controls:

Settings (desktop client)

The desktop client console Settings () allows you to configure the desktop client application.

Notifications

Use the following options to control notifications within Safeguard for Privileged Passwords:

  • Run in the System Tray when you close the application.

    When you enable the Run in the System Tray option, you cannot modify the toast notifications option. However, when you disable the Run in the System Tray option, you can enable or disable toast notifications.

    Note: When you enable the Run in the System Tray option, you cannot modify the toast notifications option because in that mode, you always get notifications.

  • Enable Toast Notifications to display event alerts on your console.

    Toast notifications are alerts that appear when the desktop client application is not the active foreground application: for example, when you are in another application or when you have minimized the desktop client.

Reset Notifications: Click Reset Notifications to reenable any notifications pop ups that have been preciously suppressed.

Widgets

Click the toggles to enable (toggle on ) or disable (toggle off ) the Home page widgets:

  • Requests
  • Approvals
  • Reviews

All widgets are enabled by default, indicating that the corresponding controls display on your Home page. The toggles appear blue with the switch to the right when a widget is enabled, and gray with the switch to the left when a widget is disabled.

About dialog tab

Click About Safeguard for Privileged Passwords to display the following information.

  • About: The trademark and copyright information
  • Contact: Information about how to get in touch with One Identity
  • Components: A list of third-party components used in Safeguard for Privileged Passwords
  • Third Party License Text: The license text for third-party components that require this text to be included in the product documentation
Related Documents