Safeguard for Privileged Passwords displays a number on your Toolbox navigation link to notify you when you have any tasks running.
You can then select and drag the pane to any location on the console and re-size the window.
A Safeguard for Privileged Passwords account is a unique identifier that Safeguard for Privileged Passwords uses to control access to assets. Managed user, group, or service accounts exist on the asset. Each account has an associated asset; if you delete an asset, Safeguard for Privileged Passwords permanently deletes all the accounts associated with it.
The Auditor and the Asset Administrator have permission to access Accounts.
Note: On Unix assets, the accounts are stored in etc/passwd; however, each platform implements this concept differently.
The Accounts view displays the following information about the selected account:
Note: Safeguard for Privileged Passwords designates a service account with a Service Account icon. For more information, see About service accounts.
|General tab||Displays general information about the selected account.|
|Access Request Policies tab||Displays the entitlements and access request policies associated with the selected account.|
|Account Groups tab||Displays the account groups that contain the selected account.|
|Check and Change Log tab||Displays the password validation and reset history for the selected account.|
|History tab||Displays the details of each operation that has affected the selected account.|
For information about configuring account discovery in Safeguard for Privileged Passwords, see Account and service discovery job workflow.
Use these toolbar buttons to manage accounts.
Add accounts to Safeguard for Privileged Passwords. For more information, see Adding an account.
Remove the selected account. For more information, see Deleting an account.
|Refresh||Update the list of accounts.|
Add accounts to Safeguard for Privileged Passwords. For more information, see Importing objects.
Menu options include: Check Password, Change Password, and Set Password. For more information, see Checking, changing, or setting an account password.
Display the password history for the selected account. For more information, see Viewing password archive.
Allows you to enable or disable access request services for the selected account. Menu options include:
Large tiles at the top of the tab display the number of Access Request Policies and Account Groups associated with the selected account. Clicking a tile heading opens the corresponding tab. These tiles are only visible to the Auditor. The time stamps for the password and SSH Key check and change transactions are based on the user's local time.
|Name||The name of the selected account.|
|Partition||The name of the partition where the selected account resides.|
The name of the profile that governs the accounts assigned to a partition.
|Enable Password Request||True or False, indicating whether password release requests are enabled for this account.|
|Enable Session Request||True or False, indicating whether session access requests are enabled for this account.|
|Last Successful Password Check||
The date and time of the last successful password validation.
|Next Password Check||
The date and time of the next automated password check as set in the Check Password schedule of the partition profile. For more information, see Adding check password settings.
|Last Successful Password Change||
The date and time of the last successful password change.
|Next Password Change||
The date and time of the next automated password change as set in the Change Password schedule of the partition profile. For more information, see Adding change password settings.
|Last Successful SSH Key Change||
The date and time of the last successful SSH Key change.
|Next SSH Key Change||
The date and time of the next SSH Key change.
Tags: Tag assignments for the selected account.
The tiles displayed in the Tags pane include both the dynamic tags added through tagging rules and static tags that were added manually. In addition to viewing tag assignments, Asset Administrators can add and remove statically assigned tags.
NOTE: Dynamically assigned tags contain a lightening bolt icon and cannot be deleted; whereas, static tags which can be removed contain an X icon.
Description: Information about selected account.