Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.9 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Installing the desktop client Setting up Safeguard for Privileged Passwords for the first time The console Navigation pane Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Historical changes by release Glossary

Setting a default partition

Each Asset Administrator can set a unique default partition and partition profile so that all new assets that administrator adds are automatically assigned to the default partition and default partition profile. For more information, see Setting a default partition profile.

To set the default partition

  1. Navigate to Administrative Tools | Partitions.
  2. In Partitions, right-click (or press and hold) a partition and choose Set as Default from the context menu.

    -OR-

  3. Select a partition and click Set as Default from the toolbar.

Setting a default partition profile

When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. Each Asset Administrator can set a unique default partition and partition profile. Once you set a default profile, all new assets and accounts you add are automatically assigned to that profile.

Safeguard for Privileged Passwords sets the default schedules to "Never" verify or reset passwords. To change the settings, see Modifying a partition profile.

When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About partition profiles.

To set another profile as the default

  1. Navigate to Administrative Tools | Partitions.
  2. In Partitions, select a partition from the object list and open the Profiles tab.
  3. Select a profile that is not the current default and click  Set as Default from the details toolbar or context menu.

Assigning assets or accounts to a partition profile

This topic explains how to assign an asset or an account to a partition profile. You can only add assets and accounts to a profile that are assigned to the scope of the partition.

You can also configure Safeguard for Privileged Passwords to run automatic Asset Discovery or Account Discovery jobs. For more information, see Discovery.

Only associate accounts to a partition profile that you want Safeguard for Privileged Passwords to manage. For example, a directory can be added to any partition as an asset and any partition profile can be assigned. If directory user accounts are associated with a partition profile, Safeguard for Privileged Passwords will automatically change the user passwords according to the change password schedule in the profile. Depending on the settings, this could prevent a directory user from logging into Safeguard for Privileged Passwords.

To add assets or accounts to a partition profile

  1. Navigate to Administrative Tools | Partitions.
  2. In Partitions, select a partition from the object list and open the Profiles tab.
  3. Select a profile and click the  Details icon.

  4. To add an asset to the selected partition profile, switch to the Assets tab of the partition profile's details window.
    1. Click Add Asset.
    2. On the Asset dialog, select the assets to be added.
    3. Click OK.
  5. To add an account to the selected partition profile, switch to the Accounts tab of the partition profile's details window.
    1. Click  Add Account.
    2. On the Account dialog, select the accounts to be added.
    3. Click OK.

If you do not see the account you are looking for, it might be assigned to a different partition. If you have have Asset Administrator permissions to create assets and accounts, you can click  Create New to add an account. For more information, see Adding an account.

Related Topics

Assigning a profile to an asset

Setting a default partition profile

Modify a partition

To modify a partition

  1. Navigate to Administrative Tools | Partitions.
  2. In Partitions, select a partition from the object list.
  3. Select the view of the partition's information you want to modify (General, Assets, Accounts, or Profiles).

    For example:

    • To change a partition's name or description, or delegate partition management to a user, click the  Edit icon.

      Note: You can also double-click a partition name to open the General settings edit window.

    • To assign assets to the partition, open the Assets tab.

      Note: You can multi-select items to assign more than one asset to a partition.

    • To modify the password validation and reset settings, open the Profiles tab, select a profile, and click the  Edit icon.
  4. To set the default partition, select the partition then click Set as Default from the toolbar or context menu.
  5. To view or export the details of each operation that has affected the selected partition, open the History tab. For more information, see History tab.
Related Topics

Adding a partition

Creating a partition profile

Removing assets from a partition

Adding assets to a partition

Assigning an asset to a partition

Related Documents