Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.5 - Administration Guide

Introduction System requirements Installing the One Identity Safeguard for Privileged Passwords desktop client Setting up Safeguard for Privileged Passwords for the first time Getting acquainted with the console Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Directories Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions
How do I access the API How do I audit transaction activity How do I configure external federation authentication How do I manage accounts on unsupported platforms How do I modify the appliance configuration settings How do I prevent Safeguard for Privileged Passwords messages when making RDP connections How do I see which assets and/or accounts are governed by a profile How do I set the appliance system time How do I setup discovery jobs How do Safeguard for Privileged Passwords database servers use SSL What are the access request states What do I do when an appliance goes into quarantine What is required for One Identity Safeguard for Privileged Passwords, embedded sessions module What is required to integrate with Starling Identity Analytics & Risk Intelligence What needs to be set up to use Application to Application What role-based email notifications are generated by default When does the rules engine run for dynamic grouping and tagging Why did the password change during an open request Why join Safeguard for Privileged Passwords to One Identity Starling
Safeguard Desktop Player Appendix: Safeguard ports

Console Settings

The Safeguard for Privileged Passwords console Settings () allows you to configure the desktop client application.

Notifications

Use the following options to control notifications within Safeguard for Privileged Passwords:

  • Run in the System Tray when you close the application.

    When you enable the Run in the System Tray option, you cannot modify the toast notifications option. However, when you disable the Run in the System Tray option, you can enable or disable toast notifications.

    Note: When you enable the Run in the System Tray option, you cannot modify the toast notifications option because in that mode, you always get notifications.

  • Enable Toast Notifications to display event alerts on your console.

    Toast notifications are alerts that appear when the desktop client application is not the active foreground application; for example, when you are in another application or when you have minimized the desktop client.

Reset Notifications: Click Reset Notifications to re-enable any notifications pop ups that have been preciously suppressed.

Widgets

Click the toggles to enable or disable the Home page widgets:

  • Requests
  • Approvals
  • Reviews

All widgets are enabled by default, indicating that the corresponding controls display on your Home page. The toggles appear blue with the switch to the right when a widget is enabled and gray with the switch to the left when a widget is disabled.

About

Click About Safeguard for Privileged Passwords to display the following information.

Table 12: About dialog tabs
Tab Description
About The trademark and copyright information.
Contact Information about how to get in touch with One Identity.
Components A list of third-party components used in Safeguard for Privileged Passwords.
Third Party License Text The license text for third-party components that require this text to be included in the product documentation.

User avatar

Click the user avatar (or the Welcome link with your user name) to modify your personal information, manage email notifications, view current notifications, or log out of Safeguard for Privileged Passwords.

My Account

Click My Account to modify your personal information and manage your email notifications.

NOTE: Safeguard for Privileged Passwords Active Directory users cannot use My Account to modify their email address, phone number, or change their password. They must do these actions in Active Directory

To update your personal information

  1. From the toolbar, select your user avatar and choose My Account.
  2. To change your image, select  Change Photo.

  3. To change your email address or Contact Information, type into the appropriate box.
  4. To change your user password, click Change Password.
  5. Click Done to close the My Accounts pane.

To manage the notifications you receive

  1. From the toolbar, select your user avatar and choose My Account.
  2. Click Manage Email Notifications.

    The Manage Email Notifications dialog displays the type of events for which you are receiving email notifications.

    NOTE: When there are no delegated owners assigned to a partition, email notifications related to partitions are sent to the Asset administrator. However, when a delegated owner is specified to manage the assets and accounts in a partition, email notifications related to partitions are sent to the delegated owner, not to the Asset administrator.

  3. From this dialog, you can define the types of events for which you want to receive notifications.

    By default, all events are selected. Clear the check box for any events for which you do not want to receive an email notification.

    TIP: Select the check box next to the Events heading to select all of the events in the list. Similarly, clear the check box next to the Events heading to clear all of the event check boxes.

  4. Click OK to save your selections and close the dialog.
  5. Click Done to close the My Accounts pane.
Log Out

Click Log Out to log out of the Safeguard for Privileged Passwords desktop client.

Navigation pane

The Home page left navigation pane has these links:

Table 13: Navigation pane options
Page Description

 Home

Where you view and take action on the access request tasks that need your immediate attention. As a "requester" it also provides access to your list of "Favorite" access request queries.

Dashboard

Where Security Policy Administrators can audit access requests.

Where Asset and Directory administrators can view information regarding accounts that are failing different types of tasks.

 Activity Center

Where you can search for and review activity for a specific time frame.

Reports

Where you can view and export entitlement reports that show you which assets and accounts a selected user is authorized to access.

Administrative Tools

Where you add all the objects you need to write access request policies, such as users, accounts, and assets.

Where you define and management all of the administrative Safeguard for Privileged Passwords settings.

Home

When you log into Safeguard for Privileged Passwords, you begin your session on the Home page. The Message of the Day displays on the right side. The rest of the Home page is tailored to your user rights and permissions. If you are authorized by an entitlement to request, approve, or review access requests, then your Home page gives you a quick view to the access request tasks that need your immediate attention.

NOTE: You can turn Requests, Approvals, and Reviews widgets on or off in Console Settings.

NOTE: The Appliance Administrator sets the Message of the Day. For more information, see Message of the Day.

Requester's Home page view

Click the New Request tile to open the New Access Request dialog which lists the assets and accounts you are authorized to access. From this dialog you specify the assets, accounts and the type of access you are requesting, and additional details about the request.

For more information, see:

Expand Requests to view the requests awaiting action.

For more information, see:

The Favorites pane (right pane) displays a list of requests you have marked as a "favorite", providing a quick way to request access.

Use the toolbar buttons at the top of the Favorites pane to manage your favorite requests.

Table 14: Favorites pane: Action bar buttons
Button Description

New Favorite

Select this button to create a new favorite request. Clicking this button displays the New Access Request dialog allowing you to select the assets, accounts, type of access, and additional details about the request.

Select this button to display additional options for managing your favorite requests:

  • Request Selected
  • Color Selected
  • Remove Selected

TIP: Select the check box to the left of a favorite request to use these additional buttons. Selecting the request itself will launch the New Access Request dialog allowing you to edit and submit the request.

To submit a favorite request, click the request or select the check box to the left of a request and select Request Selected. The New Access Request dialog displays allowing you to edit your selections or enter a required reason or comment before submitting it.

For more information, see:

Approver's Home page view

Your job is to approve or deny the access requests listed on your Home page. Expand Approvals to view the requests awaiting your approval.

For more information, refer to these topics:

NOTE: As an "approver" user, unless you are also designated as a requester, you will see no favorites listed.
Reviewer's Home page view

Your job is to review completed access requests listed on your Home page. Expand Reviews to view the completed requests requiring your review.

For more information, refer to these topics:

NOTE: As a "reviewer" user, unless you are also designated as a requester, you will see no favorites listed.
Related Documents