As an Appliance Administrator, you can use the Factory Reset feature to reset a Safeguard for Privileged Passwords Appliance to recover from major problems or to clear the data and configuration settings on the appliance.
|
Caution: Care should be taken when performing a factory reset against a physical appliance, because this operation removes all data and audit history, returning it to its original state when it first came from the factory. The appliance must go through configuration again as if it had just come from the factory. For more information, see Setting up Safeguard for Privileged Passwords for the first time. In addition, performing a factory reset may change the default SSL certificate and default SSH host key. |
Performing a factory reset on a clustered hardware appliance will not automatically remove the appliance from a cluster. The recommended best practice is to unjoin an appliance from the cluster before performing a factory reset on the appliance. After the unjoin and factory reset, the appliance must be configured again. For more information, see Setting up Safeguard for Privileged Passwords for the first time.
To perform a factory reset from the desktop client
In the Factory Reset confirmation dialog, enter the words Factory Reset and click OK.
The appliance will go into Maintenance mode to revert the appliance. Once completed, you will be prompted to restart the desktop client. If the appliance had been in a cluster, you may need to unjoin the factory reset appliance. The factory reset appliance must be configured again. For more information, see Setting up Safeguard for Privileged Passwords for the first time. In addition, when you log into the appliance, you will be prompted to add your Safeguard for Privileged Passwords licenses.
It is the responsibility of the Appliance Administrator to manage the Safeguard for Privileged Passwords licenses. For more information, see Product licensing.
To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date. For more information, see Enabling email notifications.
To enter licensing information when you first log in
The first time you log in as the Appliance Administrator, you are prompted to add one or more licenses. The Success dialog displays when a license is added.
On the virtual appliance, the license is added as part of Initial Setup. For more information, see Setting up the virtual appliance.
To add new licenses from Settings
Browse to select the license file.
Once you add a license, you will see the current license information and a link that allows you to update the license.
Browse to select the license file. Select Open.
The Lights Out Management feature allows you to remotely manage the power state and serial console to Safeguard for Privileged Passwords using the baseboard management controller (BMC). When a LAN interface is configured, this enables the Appliance Administrator to power on an appliance remotely or to interact with the recovery kiosk.
It is the responsibility of the Appliance Administrator to enable and configure the Lights Out Management feature. When Lights Out Management is enabled, the Appliance Administrator can set or change the password and modify the network information for the baseboard management console (BMC). When disabled, Safeguard for Privileged Passwords immediately resets the password to a random value and resets the network settings to default values.
|
IMPORTANT: This feature requires a LAN interface to be enabled and configured. One Identity Safeguard for Privileged Passwords's BMC supports the following LAN interfaces to provide this functionality:
It is strongly recommended that the LAN interface only be enabled in trusted environments. |
To enable Lights Out Management
Click the Set BMC Admin Password button to set the password for the host machine.
Maximum password length: 20 characters.
|
NOTE: If this feature was previously enabled, you will see an Update BMC Admin Password button instead. Optionally, click the Update BMC Admin Password button to reset the password for the host machine. |
|
NOTE: Once Lights Out Management is enabled in Safeguard for Privileged Passwords, you can access the BMC via a web interface or by using SSH to connect to the IPMI port to remotely manage the power state and serial console to Safeguard for Privileged Passwords. The default user for accessing the BMC is ADMIN. |
Safeguard for Privileged Passwords makes these diagnostic tests available for the Appliance Administrator and Operations Administrator.
|
NOTE: When you run these diagnostic tests, they are run on the appliance. |
Navigate to Administrative Tools | Settings | Appliance |Network Diagnostics.
Test | Description |
---|---|
Ping | To verify network connectivity and response time between the appliance to the specified host. |
NS Lookup | To obtain DNS details of the specified host in relation to the appliance. |
Trace Route | To obtain route information; traceroute determines the paths packets take from one IP address to another. |
Telnet |
To test TCP/IP connectivity between the appliance and specified host. |
Show Routes | To retrieve routing table information. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy