Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 6.10 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Messaging settings (desktop client) Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

User Groups tab (user)

The User Groups tab displays the user groups in which the selected user is a member.

The User Groups tab is available to a user with Auditor or Security Policy Administrator permissions and to the User Administrator for directory users (not for local users).

Navigate to Administrative Tools | Users | User Groups.

Table 207: Users: Users Groups tab properties
Property Description
Name

The user group name

Type

The type of group: User Group or Directory Group

Distinguished Name

The distinguished name of the group

Description

Information about the selected user group

Use the following buttons on the details toolbar to manage the user groups associated with the selected user.

Table 208: Users: User Groups toolbar
Option Description

Add User Group

Add the user to one or more user groups to the user. For more information, see Adding a user to user groups.

Remove Selected

Remove the selected user group from the selected user.

Refresh

Retrieve and display an updated list of user groups associated with the selected user.

Search

To locate a specific user group in this list, enter the character string to be used to search for a match. For more information, see Search box.

Owned Objects tab (user)

The Owned Objects tab displays the objects which the selected user directly manages.

Navigate to Administrative Tools | Users | Owned Objects.

Table 209: Users: Owned Objects tab properties
Property Description
Type

The type of object.

Name

The name of the object.

Direct

This column indicates the ownership of the object was assigned directly rather than through the use of a tag.

Via Group

This column indicates the ownership of the object was assigned via group.

Via Tag

This column indicates the ownership of the object was assigned through the use of a tag.

Use the following buttons on the details toolbar to manage the objects owned by the selected user.

Table 210: Users: Owned Objects toolbar
Option Description

Refresh

Retrieve and display an updated list of objects associated with the selected user.

Search

To locate a specific object in this list, enter the character string to be used to search for a match. For more information, see Search box.

Asset Administrators and Auditors can also generate reports showing more detailed information on the ownership of specific objects (including effective ownership). For more information, see Running an ownership report.

Entitlements tab (user)

The Entitlements tab displays the entitlements in which the selected user is a member. The Entitlements tab is only available to a user with Auditor or Security Policy Administrator permissions.

Navigate to Administrative Tools | Users | Entitlements.

Table 211: Users: Entitlements tab properties
Property Description
Name

The name of the entitlements in which the selected user is assigned as a user.

Access Request Policies The number of unique access request policies in the entitlement.
Accounts

The number of unique accounts in the selected entitlement.

Users The number of unique users in the entitlement.
User Groups

The names of the user groups that associate the selected user to the entitlement.

NOTE: If the selected user is associated with the entitlement explicitly and not through user group membership, then this column is blank and the Direct Member column is True.

Direct Member

Indicates True if the selected user was explicitly added to the entitlement as a user. For more information, see Adding users or user groups to an entitlement.

Use the following buttons on the details toolbar to manage the entitlements associated with the selected user.

Table 212: Users: Entitlements tab toolbar
Option Description

Add Entitlement

Add the selected user as a user of one or more entitlements. For more information, see Adding a user to entitlements.

Remove Selected

Remove the user from the selected entitlement.

Refresh

Update the list of entitlements.

Details

View additional details about the selected entitlement in a pop-up window.

Search

To locate a specific entitlement or set of entitlements in this list, enter the character string to be used to search for a match. For more information, see Search box.

Linked Accounts tab (user)

The Linked Accounts tab displays the directory accounts linked to the selected user that can be used in session request policies to access the assets or accounts defined within the scope of the policy.

Accounts can be:

  • Manually: Click Add Linked Account from the details toolbar.
  • Automatically: See Adding a directory user group and the check box labeled Automatically link Managed Directory Accounts.

Navigate to Administrative Tools | Users | Linked Accounts.

Table 213: Users: Linked Accounts tab properties
Property Description
Name The account name.
Domain Name The name of the domain where the linked account resides.
Service Account A check in this column indicates that the account is a service account.
Password Request A check in this column indicates that password release requests are enabled for the account.
Session Request A check in this column indicates that session access requests are enabled for the account.

SSH Key Request

A check in this column indicates that SSH key release requests are enabled for the account.

Password

A check in this column indicates that a password is set for the selected account. For more information, see Checking, changing, or setting an account password.

SSH Key

A check in this column indicates an SSH key is set for the account. For more information, see Checking, changing, or setting an SSH key.

Description Information about the selected account.

Use the following buttons on the details toolbar to manage the linked accounts associated with the selected user.

Table 214: Users: Linked Accounts tab toolbar
Option Description

Add Linked Account

Link the user to one or more accounts. For more information, see Linking a directory account to a user.

Remove Selected

Remove the selected linked account from the selected user.

Refresh

Update the list of linked accounts.

Search

To locate a specific entitlement or set of entitlements in this list, enter the character string to be used to search for a match. For more information, see Search box.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating