Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 8.0 LTS - Administration Guide

Introduction System requirements Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Vaults Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Removing a linked account from a user

It is the responsibility of the Security Policy Administrator to remove linked accounts from a user.

To remove a linked account from a user

  1. Navigate to Security Policy Management > Linked Accounts.
  2. On the Users tab, select a user from the object list and click Edit.
  3. Select a linked account (or accounts) from the list.
  4. Click Remove from the details toolbar.

  5. A confirmation dialog will appear confirming the account(s) being removed. Click Yes.

Removing a user from a linked account

It is the responsibility of the Security Policy Administrator to remove a user from a linked account

To remove a user from a linked account

  1. Navigate to Security Policy Management > Linked Accounts.
  2. On the Accounts tab, select an account from the object list and click Edit.
  3. Select a user (or users) from the list.
  4. Click Remove from the details toolbar.

  5. A confirmation dialog will appear confirming the user(s) being removed. Click Yes.

User Groups

NOTE: The User Groups page is accessible from the following locations:

  • Security Policy Management > User Groups

  • User Management > User Groups

Safeguard for Privileged Passwords allows you to either create a local group that exists and is managed within Safeguard for Privileged Passwords only, or add a directory group that is synchronized from an external Active Directory or LDAP server. Then a Security Policy Administrator can add one or more user groups to an entitlement, which will authorize members of the group(s) to request access to the accounts and assets governed by the entitlement's access request policies.

User Groups is available to the Authorizer Administrator, User Administrator, Security Policy Administrator, Help Desk Administrator, Auditor, and Asset Administrator. Not all functionalities will be available to all user types.

The User Groups view displays the following information about the selected user or directory group.

  • Properties tab (user groups): Displays general information about the selected user group.
  • Users tab (user groups): Displays the members of the selected group.
  • Entitlements tab (user groups): Displays the entitlements for which the group has been assigned to. All members of the group then inherit access to the request policies of the entitlement.

    NOTE: The Entitlements tile is only visible to the Auditor and Security Policy Administrator.

  • History (user): Displays the details of each operation that has affected the selected group.

Use these toolbar buttons to manage users.

  • User Group: Add user groups to Safeguard for Privileged Passwords. For more information, see Adding a user group..

  • Directory User Group: Add a directory user group to Safeguard for Privileged Passwords. For more information, see Adding a directory user group..

  • SCIM User Group: Add SCIM user groups to Safeguard for Privileged Passwords. For more information, see Adding a SCIM user group.

  • Delete: Remove the selected user group. For more information, see Deleting a user group..

  • Edit: Edit the selected user group.

  • Synchronize Now: After selecting a user group from the table, use this button to manually prompt the synchronization process.

  • Export: Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data.

  • Refresh: Update the list of user groups.

  • Search: You can search by a character string or by a selected attribute with conditions you enter. To search by a selected attribute click Search and select an attribute to search. For more information, see Search box.

Properties tab (user groups)

The Properties tab lists information about the selected user group.

To access Properties:

  • web client: Navigate to Security Policy Management > User Groups > (New) or (Edit) > Properties or User Management > User Groups > Properties.
Table 210: User Groups: Properties tab properties
Property Description

Name

The entitlement name.

Description

Information about the selected entitlement.

Delete

Click this button to delete the user group.

The Properties > Permissions tab lists the user's administrator permissions or "Standard User" if the user does not have administrative permissions.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating