Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email supportadmin@quest.com for assistance

One Identity Safeguard for Privileged Passwords 6.0.9 LTS - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Safeguard Access settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions SPP glossary

Resolving IP address

As an Appliance Administrator, you can use the Managed Networks page to search for an IP address within a managed network's list of subnets.

To find an IP address in a managed network

  1. Navigate to Administrative Tools | Settings | Cluster | Managed Networks.
  2. In the Resolve Network search box, type the IP address, and press Enter.

    The managed network that contains the subnet that most closely matches the IP address is highlighted. If there are no subnets that match the IP address, the Default Managed Network is highlighted.

Offline Workflow (automatic)

To reduce potential downtime, the Appliance Administrator can configure Offline Workflow Mode to be performed automatically. Offline Workflow Mode allows an appliance that has lost consensus (quorum) to operate in isolation from the cluster to process access requests using cached policy data.

To ensure the outage is not a short-lived outage, the default time before the appliance is automatically switched to Offline Workflow Mode is 15 minutes. The time threshold can be changed to five minutes or more.

If automatic Offline Workflow Mode is enabled, you can enable automatic Resume Online Workflow so the appliance automatically resumes online operations once consensus is restored. The minutes to wait after consensus is restored before automatically resuming online workflow defaults to 15 minutes. The time threshold can be changed to five minutes or more.

When Offline Workflow Mode settings are configured to run automatically, an Appliance Administrator can override the automatic settings and manually place an appliance in Offline Workflow Mode or manually restore an appliance to online workflow, as needed.

The user views status messages that clearly communicate the appliance state and the ability to request passwords.

For general information on Offline Workflow Mode, see About Offline Workflow Mode.

Navigate to Administrative Tools | Settings | Cluster | Offline Workflow. The Offline Workflow page displays the following information.

Table 146: Offline Workflow: Properties
Property Description

Enable Automatic Offline Workflow

  • To automatically place the appliance in Offline Workflow Mode when the appliance loses connection and cannot establish consensus.
  • Automatic Offline Workflow Threshold Minutes

    The number of minutes after consensus is lost before the appliance is automatically switched over to Offline Workflow Mode. The default is 15 minutes and can be changed to five minutes or more. The threshold set does not persist after a reboot.

    Automatic Resume Online Workflow
  • If you selected Enable Automatic Offline Workflow, you can select Automatic Resume Online Workflow so the appliance automatically resumes online operations once consensus is restored.
  • Automatic Resume Online Workflow Threshold The number of minutes after consensus is restored that the appliance is automatically switched over to online workflow. The default is 15 minutes and can be changed to five minutes or more.

    Use these toolbar buttons to define and maintain your managed networks.

    Table 147: Offline Workflow: Toolbar
    Option Description
    Refresh Updates the information displayed on the page
    Enable Offline Workflow Triggers Offline Workflow Mode
    Resume Online Operations Triggers moving the appliance from Offline Workflow Mode back to online operations

    Enable automatic Offline Workflow

    Use the Offline Workflow page to configure automatic settings to control Offline Workflow Mode. You can manually override the automatic settings. For more information, see Manually override automatic Offline Workflow.

    To configure automatic settings to control Offline Workflow Mode

    1. Navigate to Administrative Tools | Settings | Cluster | Offline Workflow.
    2. On the Offline Workflow dialog, select Enable Automatic Offline Workflow so the appliance will be automatically placed in Offline Workflow Mode when the appliance loses connection and cannot establish consensus.
    3. Identify the number of Minutes after consensus is lost before the appliance is automatically switched over to Offline Workflow Mode. The Automatic Offline Workflow Threshold defaults to 15 minutes and can be changed to five minutes or more.
    4. If you selected the first check box to enabled automatic Offline Workflow Mode, you can select Automatic Resume Online Workflow so the appliance automatically resumes online operations once consensus is restored.
    5. Identify the number of Minutes after consensus is restored that the appliance is automatically switched over to online workflow. The Automatic Resume Online Workflow Threshold defaults to 15 minutes and can be changed to five minutes or more.
    6. Click OK.

    Manually override automatic Offline Workflow

    Use the Offline Workflow page to manually enable offline workflow or resume online operations.

    For details on either of these operations, see Manually control Offline Workflow Mode.

    Before resuming online operations, see Considerations to resume online operations.

    To manually Enable Offline Workflow

    This option is only available when the appliance has lost consensus with the cluster.

    1. Navigate to Administrative Tools | Settings | Cluster | Offline Workflow.
    2. Click Enable Offline Workflow to manually trigger Offline Workflow Mode.
    3. In the dialog box, type in Enable Offline Workflow and click Enter. The appliance is in Offline Workflow Mode and enters maintenance. 
    4. You can verify requests and view health checks on the Cluster Management window. For more information, see Cluster Management.

    To manually Resume Online Operations

  • This option is only available when the appliance is in Offline Workflow Mode.
    1. Navigate to Administrative Tools | Settings | Cluster | Offline Workflow.
    2. Click Resume Online Operations to manually trigger moving the appliance from Offline Workflow Mode back to online operations.
    3.  In the dialog box, type in Resume Online Operations and click Enter.
    4. When maintenance is complete, click Restart Desktop Client. The appliance is returned to Maintenance mode.
    5. You can verify requests and view health checks on the Cluster Management window. For more information, see Cluster Management.
  • Related Documents

    The document was helpful.

    Select Rating

    I easily found the information I needed.

    Select Rating