When deleting a partition, you must designate another partition to transfers all assets and accounts. The partition profiles and associated profile settings, discovery jobs, and history data for the partition you are deleting are deleted along with the profile.
In the Asset Partition dialog, select the partition where assets and accounts are to be reassigned.
The Settings page in Administrative Tools is where you configure Safeguard for Privileged Passwords to run backups, install updates, manage clusters, manage certificates, enable event notifications, enable external integration, define profile configuration settings, define user password rules, define discovery rules, and run troubleshooting tools.
You must have administrator permissions to access the Settings page and the administrator permissions you have determine what you can do.
Use the Search control at the top of the Settings page to locate a particular setting. For example, if you type password and press the Enter key, a list of all the password settings appears; select an entry from this list to display the selected settings page.
The following Settings are available. See each section for a description of the functions available.
Use the Access Request settings to enable (or disable) access request and password management services and to define global reason codes that can be used when creating access request policies.
Navigate to Administrative Tools | Settings.
Setting | Description |
---|---|
Enable or Disable Services (Access request and password management services)
|
Where you enable or disable the following Safeguard for Privileged Passwords services:
|
Reasons |
Where you configure access request reason codes, which can then be used when creating access request policies. |
One Identity Safeguard for Privileged Passwords allows you to enable or disable access request and password management services. These settings control session and password release requests, manual account password validation and reset tasks as well as the automatic profile check and change tasks in Partitions.
All services are enabled by default. The toggles appear blue with the switch to the right when a service is enabled and gray with the switch to the left when a service is disabled.
These global settings are enabled by default. By default, these services are disabled for service accounts and for accounts and assets found as part of a discovery job.
Service accounts can be modified to adhere to these schedules and discovered accounts can be activated when managed.
It is the responsibility of the Appliance Administrator to manage the access request and password management services.
Navigate to Administrative Tools | Settings | Access Request | Enable or Disable Services.
Setting | Description | ||
---|---|---|---|
|
Session requests are enabled by default indicating that authorized users can make session access requests. There is a limit of 1000 sessions on a single access request. Click the Session Requests Enabled toggle to disable this service so sessions can not be requested.
| ||
|
Password requests are enabled by default indicating that authorized users can make password release requests Click the Password Requests Enabled toggle to disable this service so passwords can not be requested.
| ||
Check Password Management Enabled
|
Check password management is enabled by default indicating that Safeguard for Privileged Passwords automatically performs the password check task if the profile is scheduled, and allows you to manually check an account's password. Click the Check Password Management Enabled toggle to disable the password validation service.
| ||
Change Password Management Enabled
|
Change password management is enabled by default indicating that Safeguard for Privileged Passwords automatically performs the password change task if the profile is scheduled, and allows you to manually reset an account's password. Click the Change Password Management Enabled toggle to disable the password reset service.
| ||
Session Module Password Access Enabled
|
Session module password access is disabled by default. When the toggle is on, Safeguard for Privileged Passwords (SPP) can create an access request and check out a password from Safeguard for Privileged Sessions (SPS) on behalf of another user. When the toggle is switched off, this ability is revoked. This functionality supports Safeguard for Privileged Sessions (SPS) version 6.2.0 or later. For more information, see the One Identity Safeguard for Privileged Sessions Administration Guide at this link: One Identity Safeguard for Privileged Sessions - Technical Documentation.
|
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy