Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 6.9 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Messaging settings (desktop client) Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Reviews (web client)

Select Reviews on the left of the page to manage reviews. On the Reviews page, you can:

  • View details by selecting a request then looking at the details display on the right of the page, including the workflow.
  • Mark one or more request as reviewed: Select the requests. Do the following:
    • If no comment is needed, click Mark all the selected requests as reviewed.
    • If a comment is needed, this icon will display as One or more of the selected requests requires review comments. Add the comment. Then, click Mark as Reviewed.
  • Change the columns that display: Click Select columns to display then select the columns you want to see.
    • Action: Displays This request requires review comments or Mark only this request as reviewed.
    • Requester: Displays the user name of the requester.
    • Access Type: Displays the type of access (for example, Password, SSH Key, RDP, SSH, or Telnet).
    • Account: Displays the managed account name.
    • Ticket Number: Displays the ticket number, if required.
    • Request For/Duration: Displays the date and time as well as the window of availability (for example, March 20, 2021 9:56 AM 2 hours).
  • Search: For more information, see Search box.

Favorites (web client)

On your Home or My Requests page, you will see My Favorites (number of favorites). You can quickly make requests by creating a favorite of requests you make often, then just click the favorite.

You must be authorized to create requests for the assets and accounts you choose to include in a favorite. To change the look of the favorite tiles, click for large icons or for small icons.

If Show Account Availability is enabled you can identify if a privileged account is available or not. Accounts display a warning badge if in use by a request and an account's status is updated immediately after being changed in order to avoid overlapping account requests from multiple users. Hover over the badge to display <X> of <X> accounts in use. Select an available account. Showing account availability requires additional API queries that may impact performance. This toggle is set by the user not an administrator. There is no global toggle.

NOTE: When the policy governing the request has enabled Allow simultaneous access for multiple user access, the request may still be available even though Show Account Request Availability indicates it is in use.

Add a favorite

  1. To the right of My Favorite Requests, click New Favorite.
  2. On the Asset Selection page, select the assets to access. Use the following approaches to quickly find the assets you want:
    • Click Search to search the Asset, Network Address, or Platform. For more information, see Search box.
    • Once you've selected assets, the number of Assets selected displays in the lower left. You can toggle between Show only selected and Show all.
    • In the lower right, select the number of Items per page that display. Click the arrows to move through the pages.
  3. Click Next.
  4. On the Account & Access Type Selection page, select the account for the asset. If there are several accounts associated with an asset:
    1. Click the Select Account(s) link.
    2. Select the account(s) for that asset.
    3. Click OK.
    4. Continue to select accounts for each asset.
  5. Click Next to provide favorite details:
    1. Enter a Name for the favorite.
    2. Enter a Brief Description.
    3. Select the color of the favorite's tile.
  6. Click Add.

Use and manage a favorite

Once a favorite has been created, you can use and make changes to the favorite.

  1.  Click the menu on the right of the favorite and perform a task:
    • Click Submit Request to submit the request and launch the request workflow. Follow the workflow steps. For more information, see Requesting a password release.
    • Click Change Color to change the color of the favorite. This is useful to color code types of requests.
    • Click Remove to delete the favorite.

My Settings (web client)

From My Settings, you can set a variety of controls for using the web client. These include page displays, update your information, including email notifications, check the version, or download the Safeguard for Privileged Passwords desktop Windows client. The settings you see are based on your role and permissions.

Go to My Settings

In the upper right corner, next to your user name, click then My Settings to proceed.

On the My Settings dialog, the tabs available are based on your role and permissions.

Using the General tab

  • Language drop-down: Use this drop-down to change the site language. By default, this is set to Browser Language (Auto Detect).
  • About Safeguard: The Appliance Version displays.
  • Download Windows Client: Click to download the Windows desktop client.

Using the My Account tab

  • Contact Information: Click Edit to change Email, Work Phone, or Mobile Phone. Click Save to save your changes or click Cancel to revert to the previous setting.
  • Location: Select your time zone in the drop-down box. Changing your time zone may be prohibited based on your organization's security procedures. If available, choose to:
    • Display times in local computer time: This is the default. It is the time zone set on your local computer.
    • Display times in my configured time zone: This is the time zone that is set on this page.
  • Manage Email Notifications: The Manage Email Notifications dialog displays the type of events for which you are receiving email notifications. You can define the types of events for which you want to receive notifications. By default, all events are selected. If the event is Built In to SPP, a displays. When there are multiple events, an Events link appears that leads to the Subscriptions dialog listing the Name, Description, and Category of the event.
    • Clear the check box for any events for which you do not want to receive an email notification.
    • To set all check boxes, select or clear the check box at the top of the list to the left of the header.

    NOTE: When there are no delegated owners assigned to a partition, email notifications related to partitions are sent to the Asset Administrator. However, when a delegated owner is specified to manage the assets and accounts in a partition, email notifications related to partitions are sent to the delegated owner, not to the Asset Administrator.

  • Manage FIDO2 Keys (Available if you are required to perform FIDO2 two-factor authentication.): If the FIDO2 feature is enabled, at least one FIDO2 key must be registered. When a key is added, the placeholder name is Unnamed Key. You can enter a meaningful name or later edit the name. It is recommended that all users have more than one key registered in case a key is lost or damaged. For existing keys, you will see the name and date each existing key was registered and last used.
    • To change a name, enter the new name, then click Save.
    • To remove a key, click Remove by the key. One key must remain registered. If a physical security key is lost, always delete the associated key from Safeguard for Privileged Passwords.
    • To add a key, click Register New FIDO2 Key.
      1. You will be asked to insert or connect to the new key.
      2. You will be prompted to reenter your primary credentials for verification.

      3. Tap or activate your new FIDO2 key that is being registered.

      4. You may then go back to the Manage FIDO2 Key page and give your newly registered key a name, then click Save.

      For more information, see Requiring user to log in using secondary authentication.

  • Change Password: The password requirements are listed. Enter your Current Password and the New Password as directed. (Click Display or Hide to view or hide the password as it is entered.) Click Save.

Change password (web client)

You can change your password.

To change the password

  1. In the upper right corner, next to your user name, click .
  2. Click My Settings.
  3. Open the My Account tab.
  4. Click Change Password. The password requirements are listed.
  5. Enter your Current Password and the New Password as directed. (Click Display or Hide to view or hide the password as it is entered.)
  6. Click Save to save your new password.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating