It is the responsibility of the Asset Administrator to add assets and accounts to Safeguard for Privileged Passwords.
Safeguard for Privileged Passwords allows you to set up asset discovery jobs that run automatically. For more information, see Asset discovery job workflow.
Before you add systems to Safeguard for Privileged Passwords, make sure they are properly configured. For more information, see Preparing systems for management.
General tab |
Where you add general information about the asset. |
Management tab |
Where you add the network address, operating system and version information. |
Connection tab | Where you add the authentication type information or custom platform properties. |
Use the General tab to specify general information about the asset, including the partition and profile to which the asset is assigned. An asset can only be in one partition at a time. When you add an asset to a partition, all accounts associated with that asset are automatically added to that partition. All assets must be governed by a profile. All new assets are automatically governed by the default profile unless otherwise specified.
Property | Description |
---|---|
Name |
Enter a unique display name for the asset. Limit: 100 characters Required |
Description |
(Optional) Enter information about this managed system. Limit: 255 characters |
Partition |
Browse to select a partition for this asset. You can set a specific partition as the default, see Setting a default partition. |
Profile |
Browse to select a profile to manage this asset's accounts. You must assign all assets to a profile. Safeguard for Privileged Passwords assigns all new assets to the default profile unless you specify another. You can set a specific profile as the default. For more information, see Setting a default partition profile. Click Reset to set the profile to the current default. The Reset button only becomes active when the asset has been explicitly assigned to the profile. If the asset is only implicitly assigned to the profile, Safeguard for Privileged Passwords does not activate the Reset button. If you do not explicitly assign an asset to a profile, it is always assigned to the current default profile. |
Use the Administrative Tools | Assets | Management tab to add the network address, operating system and version information for an asset:
Property | Description | ||
---|---|---|---|
Product |
Select an operating system for this asset. A custom platform can be selected. For more information, see Custom Platforms.
| ||
Version |
Select the operating system version. When adding a Linux or Macintosh OS X system, Safeguard for Privileged Passwords allows you to choose an "Other" version.
| ||
Architecture |
When applicable, select the operating system architecture. | ||
Network Address |
Enter a network DNS name or the IP address used to connect to the managed system over the network. For Amazon Web Services assets, enter the Amazon AWS Account ID or Alias. | ||
Advanced |
Click to display settings specific to the custom platform. | ||
Session Access Properties Use the following settings to enable session access for this asset. | |||
Enable Session Request |
This check box is selected by default indicating that authorized users can request session access for this asset. Clear this check box if you do not want to allow session requests for this asset. | ||
RDP Session Port |
Specify the access port on the target server to be used for RDP session requests. Default: Port 3389 | ||
SSH Session Port |
Specify the access port on the target server to be used for SSH session requests. Default: Port 22 |
On the Connection tab, choose an authentication type and specify the service account credentials. The type of asset specified in the Product field on the Management tab determines the authentication types available for the asset. If the asset has a custom platform, the Custom Properties elements are displayed. For more information, see Custom Platforms.
Authentication Type | Description | ||
---|---|---|---|
SSH Key | To authenticate to the asset using an SSH authentication key. | ||
Directory Account |
To authenticate to the asset using an account from an external identity store such as Microsoft Active Directory.
| ||
Local System Account |
For SQL Server assets, to authenticate to the asset using a local system account, which is a Windows user account on the server that is hosting the SQL database. | ||
Password |
To authenticate to the asset using a local service account and password. | ||
Account Password |
For Facebook and Twitter assets, to authenticate using the current account password. For more information, see Adding a cloud platform account. | ||
Access Key |
For Amazon Web Services assets, to authenticate to the asset using an access key. For more information, see Adding a cloud platform account. | ||
None | To authenticate to the asset manually. |
Client ID: For SAP assets, enter the client ID.
If the Product field on the Management tab identified a custom platform, complete the dialog based on the custom properties of the custom platform script. Safeguard for Privileged Passwords checks to ensure the values match the type of the property which include: a string, boolean, integer, or password (which is called secret in the API scripts). Safeguard for Privileged Passwords cannot check the validity or system impact of values entered for custom platforms. For more information, see Creating a custom platform script.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy