It is the responsibility of the Asset Administrator or the partition's delegated administrator to configure the rules that govern how Safeguard for Privileged Passwords performs account discovery. For more information, see Account Discovery job workflow.
- Navigate to Administrative Tools | Discovery | Accounts | Account Discovery.
- Click Add to open the Account Discovery dialog.
- Provide the following:
- Partition: Browse to select a partition.
Name: Enter a name for the account discovery job. Limit: 50 characters.
Description: Enter descriptive text about the account discovery job. Limit: 255 characters
- Discovery Type: The platform, for example, Windows, Unix, Starling Connect, or Directory. Make sure the Discovery Type is valid for the assets associated with the Partition selected earlier on this dialog.
- Directory: If the Discovery Type is Directory, select the directory on which the Account Discovery job runs.
Click the Schedule button and choose an interval for to run the Account Discovery job.
In the Schedule dialog, select Run Every to run the job along per the run details you enter. (If you deselect Run Every, the schedule details are lost.)
Configure the following.
To specify the frequency without start and end times, select from the following controls. If you want to specify start and end times, go to the Use Time Window selection in this section.
Enter a frequency for Run Every. Then, select a time frame:
- Minutes: The job runs per the frequency of minutes you specify. For example, Every 30 Minutes runs the job every half hour over a 24-hour period. It is recommended you do not use the frequency of minutes except in unusual situations, such as testing.
Hours: The job runs per the minute setting you specify. For example, if it is 9 a.m. and you want to run the job every two hours at 15 minutes past the hour starting at 9:15 a.m., select Runs Every 2 Hours @ 15 minutes after the hour.
Days: The job runs on the frequency of days and the time you enter.
For example, Every 2 Days Starting @ 11:59:00 PM runs the job every other evening just before midnight.
Weeks The job runs per the frequency of weeks at the time and on the days you specify.
For example, Every 2 Weeks Starting @ 5:00:00 AM and Repeat on these days with MON, WED, FRI selected runs the job every other week at 5 a.m. on Monday, Wednesday, and Friday.
Months: The job runs on the frequency of months at the time and on the day you specify.
For example, If you select Every 2 Months Starting @ 1:00:00 AM along with First Saturday of the month, the job will run at 1 a.m. on the first Saturday of every other month.
Select Use Time Windows if you want to enter the Start and End time. You can click Add or Remove to control multiple time restrictions. Each time window must be at least one minute apart and not overlap.
For example, for a job to run every ten minutes every day from 10 p.m. to 2 a.m., enter these values:
Enter Every 10 Minutes and Use Time Windows:
- Start 10:00:00 PM and End 11:59:00 PM
Start 12:00:00 AM and End 2:00:00 AM
An entry of Start 10:00:00 PM and End 2:00:00 AM will result in an error as the end time must be after the start time.
If you have selected Days, Weeks, or Months, you will be able to select the number of times for the job to Repeat in the time window you enter.
For a job to run two times every other day at 10:30 am between the hours of 4 a.m. and 8 p.m., enter these values:
For days, enter Every 2 Days and set the Use Time Windows as Start 4:00:00 AM and End 8:00:00 PM and Repeat 2.
- (UTC) Coordinated Universal Time is the default time zone. Select a new time zone, if desired.
If the scheduler is unable to complete a task within the scheduled interval, when it finishes execution of the task, it is rescheduled for the next immediate interval.
- Rules: You can add, delete, edit or copy rules. For more information, see Adding an Account Discovery rule.
Discover Services: (For Windows accounts only and deselected by default.) Select this check box so that when the discovery job is run, services are discovered and can be viewed in by clicking the Discovered Services tile. For more information, see Discovered Services.
Automatically Configure Dependent Systems: (For Windows accounts only and deselected by default.) Select this check box so that any directory accounts that are discovered in the Service Discovery job are automatically configured as dependent accounts on the asset where the service or task was discovered. The dependencies are listed on Administrative Tools | Assets | Account Dependencies. If you clear the check box and run the account discovery job again, the dependencies are not removed. Dependencies can be manually removed from Administrative Tools | Assets | Account Dependencies. For more information, see Account Dependencies tab (asset).
- Click OK.
Select the assets to which the account discovery rule applies using one of these approaches:
- Go to the asset and configure the account discovery rules. For more information, see Account Discovery tab (add asset).
- From the Account Discovery job grid, click the link in the Asset Count column to select assets. For more information, see Account Discovery.