|
CAUTION: All customers upgrading to Safeguard for Privileged Passwords 7.0 require a new license. For more information, contact Support. |
Hardware appliance
The Safeguard for Privileged Passwords 3000 Appliance and 2000 Appliance ship with the Privileged Passwords module which requires a valid license to enable functionality.
You must install a valid license. Once the module is installed, Safeguard for Privileged Passwords shows a license state of Licensed and is operational. If the module license is not installed, you have limited functionality. That is, even though you will be able to configure access requests, if a Privileged Passwords module license is not installed, you will not be able to request a password release.
Virtual appliance Microsoft Windows licensing
You must license the virtual appliance with a Microsoft Windows license. We recommend using either the MAK or KMS method. Specific questions about licensing should be directed to your Sales Representative. The virtual appliance will not function unless the operating system is properly licensed.
Licensing setup and update
To enter licensing information when you first log in
The first time you log in as the Appliance Administrator, you are prompted to add a license. The Success dialog displays when the license is added.
On the virtual appliance, the license is added as part of Initial Setup.
IMPORTANT: After successfully adding a license, the Software Transaction Agreement will be displayed and must be read and accepted in order to use Safeguard for Privileged Passwords.
To configure reminders for license expiration
To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date.
Users are instructed to contact their Appliance Administrator if they get an "appliance is unlicensed" notification.
As an Appliance Administrator, if you receive a "license expiring" notification, apply a new license.
To update the licensing file
Licensing update is only available using a virtual machine, not via the hardware.
To perform licensing activities
Go to the licensing page:
- Navigate to Appliance > Licensing.
- To upload a new license file, click Upload new license file and browse to select the current license file. The Software Transaction Agreement will also be displayed during this process and must be read and accepted in order to complete the licensing process.
- To remove the license file, select the license and click Remove selected license.
|
CAUTION: For customers upgrading to 7.0 from a previous Safeguard for Privileged Passwords release, be aware the following changes are required prior to upgrading:
-
New license. Once the new license is installed, Appliance Administrators will need to read and accept the Software Transaction Agreement before Safeguard for Privileged Passwords will be fully functional.
-
Must apply the OS patch release prior to upgrading to 7.0. For more information, see One Identity Support.
-
Approval Anywhere has been deprecated. Any Safeguard for Privileged Passwords customers also currently using Starling Two-Factor Authentication as their authentication provider should wait to upgrade until they have removed all Starling Two-Factor Authentication related user information. |
The Safeguard for Privileged Passwords 3000 and 2000 Appliances are built specifically for use only with the Safeguard for Privileged Passwords privileged management software, which is pre-installed and ready for immediate use on the hardened appliances.
Safeguard for Privileged Passwords virtual appliances and cloud applications are also available.
To set up a new deployment: 3000 Appliance, 2000 Appliance, Virtual Machine, or Cloud
If this is a new physical appliance, virtual machine, or cloud deployment, see the Safeguard for Privileged Passwords Appliance Setup Guide. The guide is also included in the package with a physical appliance.
To update an existing physical appliance or virtual appliance with this patch
It is the responsibility of the Appliance Administrator to upgrade Safeguard for Privileged Passwords by installing an update file (patch). Consider the following:
- Minimum patch version: 7.0.0.0. If you are running an earlier version of the Safeguard for Privileged Passwords Appliance, you must upgrade to this version before applying the 7.0.1 LTS patch.
- Clustered environment: See the Patching cluster members section in the Safeguard for Privileged Passwords Administration Guide for instructions on how to deploy a patch so all appliances in the cluster are on the same version.
Prepare to install a patch
- Backup your appliance before you install a patch. Once you install a patch, you cannot uninstall it. See the Safeguard for Privileged Passwords Administration Guide, Backup and restore topic.
-
Download the latest physical appliance patch or virtual appliance patch from the One Identity Support Portal:
https://support.oneidentity.com/one-identity-safeguard-for-privileged-passwords/download-new-releases
To install the hardware patch
- As an Appliance Administrator, log in to the Safeguard for Privileged Passwords client.
-
Select Appliance Management > Appliance > Patch Updates.
The current appliance and client versions are displayed.
-
Click Upload a File and browse to select the update file you downloaded from the One Identity support web site.
NOTE: When you select a file, Safeguard for Privileged Passwords uploads it to the server, but does not install it.
- Once the file has successfully uploaded, click Install Now.
To install the virtual machine patch
- Make adequate resources available. The virtual appliances default deploy does not provide adequate resources. The minimum resources required are: 4 CPUs, 10GB RAM, and a 500GB disk. Without adequate disk space, the patch will fail and you will need to expand disk space then re-upload the patch.
- Go to the web management console and click Setup and follow the wizard.
You can verify that the correct version has been successfully installed from the Safeguard for Privileged Passwords desktop client or the LCD on the Safeguard for Privileged Passwords Appliance.
To verify the uploaded patch was installed
- Log in to the Safeguard for Privileged Passwords client as an Operations Administrator or an Appliance Administrator.
- Select Appliance Management > Appliance > Appliance Information.
- Verify the correct appliance version is displayed in the appliance properties pane.
In addition, when the appliance is running, the LCD home screen on the front panel of the appliance displays Safeguard for Privileged Passwords <version number>. Therefore, you can verify the correct appliance version is running from there, as well.