You can configure Safeguard for Privileged Passwords to authenticate to a managed system using an account from an external identity store such as Microsoft Active Directory.
|
NOTE: In order to use this authentication type, you must first add a directory to Safeguard for Privileged Passwords and add domain user accounts. For more information, see Directories. |
Property | Description | ||
---|---|---|---|
Service Account |
Click (or tap) Select Account to choose a domain user account. The accounts available for selection are domain user accounts that are linked to a directory that was previously added to Safeguard for Privileged Passwords. Required | ||
Test Connection |
Click (or tap) this button to verify that Safeguard for Privileged Passwords can log into this asset using the service account credentials you have provided. For more information, see About Test Connection. | ||
Advanced |
Open to reveal the following settings:
| ||
Privilege Level Password | Enter the system enable password to allow access to the Cisco configuration. | ||
Privilege Elevation Command |
Enter a privilege elevation command (such as sudo), if required. Safeguard for Privileged Passwords uses this as a prefix for commands that require privileged access on the system and to manage accounts on Unix-based systems; that is, to check and change passwords and to discover accounts.
Limit: 255 characters | ||
Auto Accept SSH Host Key |
Select this option to have Safeguard for Privileged Passwords automatically accept an SSH host key.
| ||
Instance |
(Optional) Specify the instance name if you have configured multiple instances of a SQL Server on this asset.
| ||
Port |
Enter the port number to log into the asset.
Required | ||
Connection Timeout |
Enter the directory connection timeout period. Default: 20 seconds |
You can configure Safeguard for Privileged Passwords to authenticate to a managed SQL Server using a local system account and password. The local system account is a Windows user account on the server that is hosting the SQL database.
|
NOTE: In order to use this authentication type, you must add both a Windows asset and a SQL Server asset to Safeguard for Privileged Passwords. |
Property | Description | ||
---|---|---|---|
Service Account |
Click (or tap) Select Account to choose the local system account associated with the SQL Server for Safeguard for Privileged Passwords to use for management tasks. Required | ||
Test Connection |
Click (or tap) this button to verify that Safeguard for Privileged Passwords can log into this asset using the local system account credentials you have provided. For more information, see About Test Connection. | ||
Advanced |
Open to reveal the following settings: | ||
Instance |
(Optional) Specify the instance name if you have configured multiple instances of a SQL Server on this asset.
| ||
Port |
Enter the port number to log into the asset. Required | ||
Connection Timeout |
Enter the SQL server connection timeout period. Default: 20 seconds |
You can configure Safeguard for Privileged Passwords to authenticate to a managed system using a local service account and password.
|
Note: Some options are not available for all operating systems. |
Property | Description | ||||
---|---|---|---|---|---|
Distinguished Name |
For LDAP platforms, enter the fully qualified distinguished name (FQDN) for the service account. For example: cn=dev-sa,ou=people,dc=example,dc=com | ||||
Service Account Name |
Browse to select the service account for Safeguard for Privileged Passwords to use for management tasks. When you add the asset, Safeguard for Privileged Passwords automatically adds the service account to Accounts. For more information, see About service accounts. Required except for LDAP platforms, which use the Distinguished Name. | ||||
Service Account Password |
Enter the service account password used to authenticate to this asset. Limit: 255 characters Required | ||||
Test Connection |
Click (or tap) this button to verify that Safeguard for Privileged Passwords can log into this asset using the service account credentials you have provided. For more information, see About Test Connection. | ||||
Privilege Level Password |
Enter the Enable password to allow access to the Cisco configuration. | ||||
Privilege Elevation Command |
Enter a privilege elevation command (such as sudo), if required. Safeguard for Privileged Passwords uses this as a prefix for commands that require privileged access on the system and to manage accounts on Unix-based systems; that is, to check and change passwords and to discover accounts.
Limit: 255 characters | ||||
Auto Accept SSH Host Key |
This option is selected by default indicating that Safeguard for Privileged Passwords automatically accepts an SSH host key. Once the SSH host key is discovered, the SSH host key fingerprint is displayed.
| ||||
Use SSL Encryption |
Select this option to enable Safeguard for Privileged Passwords to encrypt communication with this asset.
| ||||
Verify SSL Certificate |
Use this option to enable or disable SSL Certificate verification on the asset. When enabled, Safeguard for Privileged Passwords compares the signing authority of the certificate presented by the asset to the certificates in the Trusted Certificates store every time Safeguard for Privileged Passwords connects to the asset. Trust must be established for Safeguard for Privileged Passwords to manage the asset.
| ||||
Instance |
(Optional) Specify the instance name if you have configured multiple instances of a SQL server on this asset.
| ||||
Workstation ID |
Specify the configured workstation ID, if applicable.
| ||||
Port |
Enter the port number on which the asset will be listening for connections. Default: port 22; port 1433 for SQL server; port 8443 for SonicWALL SMA or CMS appliance. Required | ||||
Connection Timeout |
Enter the connection timeout period. Default: 20 seconds |
You can configure Safeguard for Privileged Passwords to authenticate to a managed system using an access key.
Property | Description |
---|---|
Service Account |
Enter an account for Safeguard for Privileged Passwords to use for management tasks. For more information, see About service accounts. |
Access Key ID |
Enter the unique identifier that is associated with the secret key. The access key ID and secret key are used together to sign programmatic AWS requests cryptographically. Limit: 32 alphanumeric characters |
Secret Key |
Enter a secret access key used to cryptographically sign programmatic Amazon Web Services (AWS) requests. Limit: 40 alphanumeric characters; the + and the / characters are also allowed. |
Test Connection |
Click (or tap) this button to verify that Safeguard for Privileged Passwords can log into this asset using the service account credentials you have provided. For more information, see About Test Connection. |
Port |
Enter the port number to log into the asset. |
Connection Timeout |
Enter the connection timeout period. Default: 20 seconds |
© 2019 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy