Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.9 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Installing the desktop client Setting up Safeguard for Privileged Passwords for the first time The console Navigation pane Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Historical changes by release Glossary

Attributes tab (add asset)

The Attributes tab is used to add attributes to directory assets, including Active Directory and LDAP. For more information, see Adding identity and authentication providers.

Table 54: Active Directory and LDAP: Attributes tab
Safeguard for Privileged Passwords Attribute Directory Attribute
Users
Object Class

Browse to select a class definition that defines the valid attributes for the user object class.

Default: user for Active Directory, inetOrgPerson for LDAP

User Name

sAMAccountName for Active Directory, cn for LDAP

Password

userPassword for LDAP

Description

description

Groups
Object Class

Browse to select a class definition that defines the valid attributes for the computer object class.

Default: group for Active Directory, groupOfNames for LDAP

Name

sAMAccountName for Active Directory, cn for LDAP

Member

member

Computer Attributes

 

Object Class

Browse to select a class definition that defines the valid attributes for the computer object class.

Default: computer for Active Directory, ipHost for LDAP

Name

cn

Network Address

dNSHostName for Active Directory, ipHostNumber for LDAP

Operating System

operatingSystem for Active Directory

Operating System Version

operatingSystemVersion for Active Directory

Description

description

Checking an asset's connectivity

After you add an asset you can verify that Safeguard for Privileged Passwords can log into it using the Check Connection option.

Note: When you run Test Connection from the asset's Connection tab (such as when you add the asset initially), you must enter the service account credentials. Once you add the asset to Safeguard for Privileged Passwords it saves these credentials.

The Check Connection option does not require that you enter the service account credentials because it uses the saved credentials to verify that it can log into that asset.

To check an asset's connectivity

  1. Navigate to Administrative Tools | Assets.
  2. From Assets, right-click an asset in the object list to open the asset's context menu.
  3. Choose the Check Connection option.

    Safeguard for Privileged Passwords displays a Toolbox task pane that shows the results.

Related Topics

About Test Connection

About service accounts

Assigning an asset to a partition

Use the Assets view to assign an asset to a partition. An asset can only be in one partition at a time. When you add an asset to a partition, all accounts associated with that asset are automatically added to that partition, as well.

You cannot remove an asset from a partition. However, you can add the asset to another partition either from the scope of the other partition or from an asset's General properties.

To assign an asset to a partition

  1. Navigate to Administrative Tools | Assets.
  2. In Assets, double-click an asset to open the general properties, or click the  Edit icon next to the General title on the General tab.
  3. On the Asset dialog, Browse to select a partition.
  4. ClickOK.
Related Topics

Adding assets to a partition

Assigning a profile to an asset

Use the Assets view to assign a profile to an asset.

To assign a profile to an asset

  1. Navigate to Administrative Tools | Assets.
  2. In Assets, double-click an asset to open the general properties, or click the  Edit icon next to the General title on the General tab.
  3. Browse to select a profile, and click OK. You can only choose profiles that are in the selected asset's partition.

  4. Click Reset to set the profile to the current default.
Related Topics

Assigning assets or accounts to a partition profile

Related Documents