Chat now with support
Chat with Support

We are currently experiencing issues on our phone support and are working diligently to restore services. For support, please sign in and create a case or email supportadmin@quest.com for assistance

One Identity Safeguard for Privileged Passwords 7.4.1 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Adding users or user groups to a partition

When you add users to a partition, you are specifying the users or user groups that have ownership of a partition.

It is the responsibility of the Asset Administrator to add users and user groups to partitions. The Security Policy Administrator only has permission to add groups, not users. For more information, see Administrator permissions..

To add users to a partition

  1. Navigate to Asset Management > Partitions.
  2. In Partitions, select a partition from the object list and click View Details.
  3. Open the Owners tab.
  4. Click  Add.
  5. Select one or more users or user groups from the list in the Users/User Groups dialog.

  6. Click Select Owners to save your selection.

Creating a password profile

It is the responsibility of the Asset Administrator or the partition's delegated administrator to add password profiles to partitions.

To add a password profile to a partition

  1. Navigate to Asset Management > Partitions.

  2. In Partitions, select a partition from the object list and click View Details.

  3. Open the Password Profiles tab.

  4. Click New Profile from the details toolbar.

  5. On the General tab, supply the following information:

    1. Name: Enter a unique name for the profile. Limit: 50 characters

    2. Description: Enter information about this profile. Limit: 255 characters

  6. On the Check Password tab, select a previously defined check password setting from the drop-down menu or click Add to add a new check password setting. These are the rules used to verify account passwords. For more information, see Adding check password settings..

  7. On the Change Password tab, select a previously defined change password setting from the drop-down menu or click Add to add a new change password setting. These are the rules used to reset account passwords. For more information, see Adding change password settings..

  8. On the Account Password Rule tab, select a previously defined account password rule or click Add to add a new account password rule. An account password rule is a complexity rule that governs the construction of the new password created by SPP during an automatic password change. For more information, see Adding an account password rule..

  9. Click OK to save your selections and create the profile.
  10. When creating a new profile, the Password Sync Groups tab is not available. This tab is displayed while editing a profile. You can use the Password Sync Groups tab to add or update a password sync group governed by the profile change schedule. For more information, see Password sync groups..

Creating an SSH key profile

It is the responsibility of the Asset Administrator or the partition's delegated administrator to add SSH key profiles to partitions.

To add an SSH key profile to a partition

  1. Navigate to Asset Management > Partitions.

  2. In Partitions, select a partition from the object list and click View Details.

  3. Open the SSH Key Profiles tab.

  4. Click New Profile from the details toolbar.

  5. On the General tab, supply the following information:

    1. Name: Enter a unique name for the profile. Limit: 50 characters

    2. Description: Enter information about this profile. Limit: 255 characters

  6. On the Check SSH Key tab, select a previously defined check SSH key setting from the drop-down menu. These are the rules SPP uses to verify account SSH keys. For more information, see Adding SSH key check settings ..

  7. On the Change SSH Key tab, select a previously defined change SSH key setting from the drop-down menu. These are the rules used to reset account SSH keys. For more information, see Adding SSH key change settings..

  8. On the Discover SSH Key tab, select a previously defined discover SSH key settings selection. These are the rules used to discover SSH keys. For more information, see Adding SSH key discovery..

  9. Click OK to save your selections and create the profile.

When creating a new partition SSH key profile, the SSH Key Sync Groups tab is not displayed. This tab is displayed while editing a partition SSH key profile. You can use the SSH Key Sync Groups tab to add or update an SSH key sync group governed by the profile change schedule. For more information, see SSH Key Sync Groups settings..

Setting a default partition

Each Asset Administrator can set a unique default partition and profile so that all new assets that administrator adds are automatically assigned to the default partition and default profile. For more information, see Setting a default profile..

To set the default partition

  1. Navigate to Asset Management > Partitions.
  2. In Partitions, select a partition and click Set as Default from the toolbar.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating