Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.11 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Using the cloud Setting up Safeguard for Privileged Passwords for the first time Search box Using the web client Installing the desktop client Using the desktop client Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions Appendix E: Historical changes by release Glossary

Asset Discovery

You can schedule one or more Asset Discovery jobs to run automatically against the directories or network (IP range) you have added to Safeguard for Privileged Passwords. The assets in the scope of the discovery job may include assets that were previously added (manually) to the Safeguard partition. For more information, see Adding an asset.

If you use asset discovery Method of Directory, directory assets that are shared can be discovered into any partition. To share a directory asset, select Available for discovery across all partitions for the asset; see Management tab (add asset).

When an Asset Discovery job runs, the found asset is added to Assets. If the operating system cannot be detected in the Network Scan or Directory method of asset discovery, the Other Linux operating system is applied which you can modify later. For more information, see Modifying an asset.

For more information, see Asset Discovery job workflow.

Properties and toolbar

Navigate to Administrative Tools | Discovery | Asset Discovery.

Use these toolbar buttons to manage the discovery job settings.

Table 64: Asset Discovery: Toolbar
Option Description
Add

Add an Asset Discovery job. For more information, see Adding an Asset Discovery job.

Delete Selected

Delete the selected Asset Discovery job.

Refresh

Update the list of Asset Discovery jobs that have run.

Edit

Modify the selected Asset Discovery job. You can also double-click a row to open the edit dialog.

Run Now

Run the selected Asset Discovery job. A Task pop-up display which shows the progress and completion.

Details

View additional details about the selected Asset Discovery job including schedule frequency and rules.

Search

Enter the character string to be used to search for a match. For more information, see Search box.

Asset Discovery jobs display in the grid.

Table 65: Asset Discovery: Asset Discovery job grid
Name Name of the discovery job
Creator Indicates how the job was launched, for example, Automated System or Admin
Method The type of job, for example, Windows, Unix, or Directory
Directory The directory on which the discovery job runs
Partition

The partition in which to manage the discovered assets or assets

Schedule

Designates when the Asset Discovery job runs
Last Run Date The date the selected Asset Discovery job ran
Next Run Date The date when the Asset Discovery job is scheduled to run next

Last Success Run Date

The most recent date the selected Asset Discovery job successfully ran

Last Failure Run Date

The most recent date the selected Asset Discovery job failed

Asset Discovery job workflow

You can configure, schedule, test, and run Asset Discovery jobs. After the job has run, you can select whether to manage the asset. You can also view information about the Asset Discovery jobs that have run.

  1. Create an Asset Discovery job. For more information, see Adding an Asset Discovery job.
  2. After you save the Asset Discovery job, you can test it by selecting Run Now. For more information, see Asset Discovery.
  3. After the Asset Discovery job runs, click Asset Discovery Results to view the assets found. For more information, see Asset Discovery Results.
  4. To control management of an asset, navigate to Administrative Tools | Assets, right-click the asset, click Enable-Disable, and choose one of these context menu options.

    Enable

    Select Enable to have Safeguard for Privileged Passwords manage a disabled asset. This option is only available for assets that have been disabled.

    Disable

    Select Disable to prevent Safeguard for Privileged Passwords from managing the selected asset. When you disable an asset, Safeguard for Privileged Passwords disables it and removes all associated accounts. If you choose to manage the asset later, Safeguard for Privileged Passwords re-enables all the associated accounts.

  5. On Administrative Tools | Assets, you can show or hide assets marked as disabled, use the following buttons. For more information, see Assets.
    Show Disabled Display the disabled assets.
    Hide Disabled Hide assets marked as disabled.
  6. Search the Activity Center for information about discovery jobs that have run. Safeguard for Privileged Passwords lists the Asset Discovery events in the Asset Discovery Activity category.

Adding an Asset Discovery job

You can add a new Asset Discovery job.

  1. Navigate to Administrative Tools | Discovery.
  2. Click the Asset Discovery tile.
  3. Click Add to create a new Asset Discovery job.
  4. In the Asset Discovery dialog, provide information for the discovery job on the following tabs:
    General tab (asset discovery)

    Where you add general information about the discovery job and identify which partition you want Safeguard for Privileged Passwords to add the assets it discovers. You will also specify the discovery method (Directory or Network Scan).

    Information tab (asset discovery)

    Where you select the directory and set the search location.

    Rules tab (asset discovery)

    Where you define the search constraints and conditions and choose the profile you want to govern the discovered assets.

    Schedule tab (asset discovery)

    Where you configure the schedule for the discovery job.

    Summary tab (asset discovery)

    Where you review the Asset Discovery job parameters and save it.

    After you save the discovery job, you can modify or run it using the Asset Discovery toolbar. For more information, see Asset Discovery.

General tab (asset discovery)

Navigate to Administrative Tools | Discovery | Asset Discovery | (add or edit a Asset Discovery job).

On the Asset Discovery dialog, General tab, supply general information about the Asset Discovery job and identify the partition where you want Safeguard for Privileged Passwords to add the assets it discovers.

Table 66: Discovery: General properties
Property Description
Name

Enter a name for the Asset Discovery job.

Limit: 50 characters

Description

Enter information about this Asset Discovery job.

Limit: 255 characters

Partition

Browse to select the partition in which to manage the discovered assets.

Important: You cannot change the partition after you save this discovery job.

Method

Choose a type of discovery:

  • Network Scan
  • Directory

If you select Directory, directory assets that are shared can be discovered into any partition. To share a directory asset, select Available for discovery across all partitions for the asset; see Management tab (add asset). If the check box is not selected, the asset is not shared and the asset will only be discovered into the partitions to which the directory asset is assigned.

Related Documents