Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.9 - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Installing the desktop client Setting up Safeguard for Privileged Passwords for the first time The console Navigation pane Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Historical changes by release Glossary

Show Routes

Use Show Routes to retrieve routing tables to further investigate connectivity issues.

Navigate to Administrative Tools | Settings | Appliance |Diagnostics.

Table 114: Show Routes diagnostic test settings
Property Description

Show Routes through

Select the network interface to issue the diagnostic command:

  • Network (X0): To retrieve routing tables for the primary interface.
  • Sessions (X1): To retrieve routing tables for the sessions interface. If one or more Safeguard Sessions Appliances are joined to Safeguard for Privileged Passwords, X1 is not available in Safeguard for Privileged Passwords.
Show Routes

Click Show Routes to run the test.

The test results display in the Output window.

Networking

Use the Networking pane to view and configure the primary network interface, and if applicable, a proxy server to relay web traffic, and the sessions network interface.

It is the responsibility of the Appliance Administrator to ensure the network interfaces are configured correctly. Click the Edit icon next to the Network Interface or Proxy Server heading to edit or configure the network properties.

Navigate to Administrative Tools | Settings| Appliance | Networking.

Network Interface X0 (primary interface)
Table 115: Network Interface X0 properties
Property Description
MAC Address The media access control address (MAC address), a unique identifier assigned to the network interface for communications.
IP Address

The IPv4 address of the network interface.

Netmask The IPv4 network mask.
Default Gateway The IPv4 default gateway.
IPv6 Address The IPv6 address of the network interface.
IPv6 Prefix Length The IPv6 subnet prefix length.
IPv6 Gateway The IPv6 default gateway.
DNS Servers The IP address for the primary DNS servers.
DNS Suffixes

The network suffixes for the DNS servers.

NOTE: You can modify the network suffixes for the DNS servers by clicking the Edit icon next to the Network Interface X0 heading.

Proxy Server X0

The Proxy Server X0 settings must be configured if your company policies do not allow devices to connect directly to the web. Once configured, Safeguard for Privileged Passwords uses the configured proxy server for outbound web requests to external integrated services, such as Starling.

NOTE: Only HTTP web proxy is supported.

Table 116: Proxy Server X0 properties

Property

Description

Proxy URI

The IP address or DNS name of the proxy server.

Required

Port

The port number used by the proxy server to listen for HTTP requests.

Required

Value: Integer from 1 to 65535.

NOTE: If different ports are specified in the proxy URI and the Port field, the Port field takes precedence.

Username

The user name used to connect to the proxy server.

NOTE: The username and password are only required if your proxy server requires them to be specified.

Password

The password required to connect to the proxy server.

NOTE: The username and password are only required if your proxy server requires them to be specified.

Network Interface X1 (embedded sessions interface)

NOTE: If one or more Safeguard Sessions Appliances are joined to Safeguard for Privileged Passwords, X1 is not available in Safeguard for Privileged Passwords.

Table 117: Network Interface X1 properties
Property Description
MAC Address The MAC address, a unique identifier assigned to the session interface for communications.
IP Address

The IPv4 address of the session interface.

Netmask The IPv4 network mask.
Default Gateway The IPv4 default gateway.
IPv6 Address The IPv6 address of the session interface.
IPv6 Prefix Length The IPv6 subnet prefix length.
IPv6 Gateway The IPv6 default gateway.
DNS Servers The IP address for the primary DNS servers.
DNS Suffixes The network suffixes for the DNS servers.

Operating system licensing

It is the responsibility of the Appliance Administrator to ensure the operating system is configured.

Use the Operating System Licensing pane to view and configure the operating system of a virtual appliance.

  1. Navigate to Administrative Tools | Settings | Appliance | Operating System Licensing. Click Refresh anytime to refresh the settings.
  2. The display shows if Windows is licensed with KMS or licensed with a product key. Click Details to see additional information.
  3. Click Edit to change the operating system license and select one of the following options.
    • License automatically with KMS: If you select this option, Safeguard will use DNS to locate the KMS server automatically.
    • Specify a KMS server: If KMS is not registered with DNS, enter the network IP address of your KMS server.
    • Specify a license key: If selected, your appliance will need to be connected to the internet for the necessary verification to add your organization's Microsoft activation key.
  4. Click OK.

Support Bundle

To analyze and diagnose issues, One Identity Support may ask the Appliance Administrator or Operations Administrator to send a support bundle containing system and configuration information.

NoteS: As an alternative, you can use the recovery kiosk to generate and send a support bundle to a Windows share. For more information, see Recovery kiosk.

Virtual appliance support bundles are generate from the web management console. For more information, see Support kiosk..

To create a support bundle

  1. Navigate to Administrative Tools | Settings | Appliance | Support Bundle.

    NOTE: Select the Include Session Log check box if you want to include the Sessions debug log in the support bundle. This check box is only available if you are using the hardware SPP Appliance and are licensed for and are using the embedded sessions module.

  2. Click Generate Support Bundle.
  3. Browse to select a location to save the support bundle .zip file and click Save.
  4. Send the support bundle to One Identity Support. For more information, see About us.
Related Topics

Troubleshooting

Frequently asked questions

Related Documents