Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 6.0 LTS - Administration Guide

Introduction System requirements Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Search box Using the web client Installing the desktop client Using the desktop client Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions Appendix E: Historical changes by release Glossary

Access Request Policies tab (asset)

The Access Request Policies tab displays the entitlements and access request policies associated with the selected asset.

Navigate to Administrative Tools | Assets | Access Request Policies.

Table 40: Assets: Access Request Policies tab properties
Property Description

Entitlement

The name of the access request policy's entitlement

Access Request Policy

The name of the policy that governs the selected asset

Assets

The number of unique assets that are associated with the access request policy

# Asset Groups

The number of unique asset groups in the access request policy

Asset Groups

The names of the asset groups that associate the selected asset with the policy

Use these buttons on the details toolbar to manage your access request policies associated with the selected asset.

Table 41: Assets: Access Request Policies tab toolbar
Option Description

Add to Policy

Add the selected asset to the scope of a session access request policy.

Remove Selected

Remove the selected policy. For more information, see Deleting an access request policy.

Refresh

Update the list of access request policies.

Details

View and edit details about the selected access request policy. For more information, see Creating an access request policy.

Search

To locate a specific policy or set of policies in this list, enter the character string to be used to search for a match. For more information, see Search box.

Asset Groups tab (asset)

The Asset Groups tab displays the asset groups that contain the selected asset.

Only the assets that support session management can be added to asset groups and dynamic asset groups. Assets that do not support session management include but may not be limited to Directory assets. When you create the asset, the Management tab has an Enable Session Request check box if sessions is supported. For more information, see Supported platforms.. This section lists SPP and SPS support by platform.

The Auditor and Security Policy Administrator have permission to access Asset Groups.

Click  Add Asset Groups from the details toolbar to add the selected asset to one or more asset groups.

Navigate to Administrative Tools | Assets | Asset Groups.

Table 42: Assets: Asset Groups tab properties
Property Description

Name

The asset group name.

Dynamic

A check mark in this column indicates that the group is a dynamic asset group.

Description

Information about the asset group.

Related Topics

Adding an asset to asset groups

Discovered Services tab (asset)

The Discovered Services tab displays information specific to the selected asset and is applicable only to Windows assets.

Navigate to Administrative Tools | Assets | Discovered Services.

Use these buttons to manage the discovered services.

Table 43: Discovered Services: Toolbar
Option Description
Discover Services

Run the selected service discovery job.

Search

To locate one or more assets, enter the character string to be used to search for a match. For more information, see Search box.

The following displays for each discovered service.

Table 44: Assets: Discovered Services tab properties
Property Description

Account

The account in Safeguard that maps to the discovered account associated with the discovered service or task on the asset. This can be a local account or an Active Directory account.

Domain Name

The domain name of the account if the account is an
Active Directory account.

System Name

The asset to which the account is associated.

Account Status

The status of the Safeguard account. If Safeguard manages the account, the value is Managed. If the account is disabled, the value is blank.

Dependent Account

A check displays if the account is associated as an account dependency on the asset. The value is blank if the account is not associated as an account dependency of the asset.

This automatic dependency mapping only happens if you select the following options. Select the Automatically Manage Found Accounts option on the account discovery job associated with the partition profile that is associated to the asset. For more information, see Adding an Account Discovery rule.

Service Type

Type of service discovered. Values may be Service or Task.

Service Name

The name of the discovered service or task.

Service Enabled

A check displays if the service or task on the asset is enabled. If there is no check mark, the service or task is disabled.

Discovered Account

The discovered service account name configured.

Date/Time Discovered

The date and time when the service or task was discovered.

History tab (asset)

The History tab allows you to view or export the details of each operation that has affected the selected asset.

The top of the History tab contains the following information:

  • Items: Total number of entries in the history log.
  • Refresh: Update the list displayed.
  • Export: Export the data to a .csv file.
  • Search: For more information, see Search box.

  • Time Frame: By default, the history details are displayed for the last 24 hours. Click one of the time intervals at the top of the grid to display history details for a different time frame. If the display does not refresh after selecting a different time interval, click Refresh.

Navigate to Administrative Tools | Assets | History.

Table 45: Assets History tab properties
Property Description

Date/Time

The date and time of the event

User

The display name of the user that triggered the event

Source IP

The network DNS name or IP address of the managed system that triggered the event

Object Name

The name of the selected asset

Event

The type of operation made to the selected asset:

  • Create
  • Delete
  • Update
  • Add Membership
  • Remove Membership

NOTE:  A membership operation indicates a relationship change with a related or parent object such as an account dependency was added or deleted from the selected asset.

Related Object

The name of the related object

Related Object Type

The type of the related object

Parent

The name of the object to which the selected asset is a child

Parent Object Type

The parent object type

Select an event to display this additional information for some types of events (for example, create and update events).

Table 46: Additional History tab properties
Property Description
Property The property that was updated
Old Value The value of the property before it was updated
New Value The new value of the property
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating