Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.4 - Administration Guide

Introduction System requirements Installing the One Identity Safeguard for Privileged Passwords desktop client Setting up Safeguard for Privileged Passwords for the first time Getting acquainted with the console Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Directories Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Access settings Sessions settings
Users User Groups Disaster recovery Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions
How do I access the API How do I audit transaction activity How do I configure external federation authentication How do I manage accounts on unsupported platforms How do I modify the appliance configuration settings How do I prevent Safeguard for Privileged Passwords messages when making RDP connections How do I see which assets and/or accounts are governed by a profile How do I set the appliance system time How do I setup discovery jobs How do Safeguard for Privileged Passwords database servers use SSL What are the access request states What do I do when an appliance goes into quarantine What is required for One Identity Safeguard for Privileged Passwords Privileged Sessions What is required to integrate with Starling Identity Analytics & Risk Intelligence What needs to be set up to use Application to Application What role-based email notifications are generated by default When does the rules engine run for dynamic grouping and tagging Why did the password change during an open request Why join Safeguard for Privileged Passwords to One Identity Starling
Safeguard Desktop Player Appendix: Safeguard ports

How do I see which assets and/or accounts are governed by a profile

To see which assets and/or accounts are assigned to a profile, you must open the profile details window.

To view which assets or accounts are assigned to a partition profile

  1. In Partitions or Directories, switch to the Profiles tab.
  2. Select a profile and click (or tap) the Details icon.
  3. In the profile dialog, select the Scope tab which provides a list of the assets and accounts currently being governed by the selected profile.

How do I set the appliance system time

Note: Changing appliance time can result in unintended consequences with processes running on the appliance. For example, there could be a disruption of password check and change profiles and audit log timestamps could be misleading.

TIP: As a best practice, set an NTP server to eliminate possible time-related issues. For more information, see Time.

To set the time on your appliance

  • Use the appliance API to change the appliance time (SystemTime). For information about using the API, see How do I access the API.

How do I setup discovery jobs

Safeguard for Privileged Passwords allows you to configure these types of discovery jobs to automatically add assets and accounts.

Table 274: Safeguard for Privileged Passwords Discovery types
Discovery job Description
Asset discovery

Asset discovery jobs run automatically against the directories you have added to Safeguard for Privileged Passwords. For more information, see Asset discovery job workflow.

Account discovery Account discovery jobs run automatically against the assets that are in the scope of a partition profile. For more information, see Account discovery job workflow.
Directory account discovery Directory account discovery jobs run automatically each time Safeguard for Privileged Passwords synchronizes the directory. For more information, see Directory account discovery job workflow.

Asset discovery job workflow

Safeguard for Privileged Passwords's asset discovery jobs run automatically against the directories you have added to Safeguard for Privileged Passwords. For more information, see Discovery.

To configure and schedule rules that perform asset discovery jobs

  1. Create an asset discovery job. For more information, see Creating an asset discovery job.
  2. After you save the discovery job, you can test it by selecting Run Now. For more information, see Managing asset discovery jobs.
  3. After the asset discovery job runs, navigate to Assets, right-click (or press and hold) an asset and choose one of these context menu options:

    Manage

    Select to manage an "ignored" asset.

    This option is only available for assets that have been ignored.

    Ignore

    Select to prevent Safeguard for Privileged Passwords from managing the selected asset.

    NOTE: When you ignore an asset, Safeguard for Privileged Passwords disables it and removes all associated accounts. If you choose to Manage the asset later, Safeguard for Privileged Passwords re-enables all the associated accounts.

  4. To show or hide assets marked as "Ignore", use these buttons:
    Show Ignored Display the hidden assets.
    Hide Ignored Hide assets marked as "Ignore".
  5. Search the Activity Center for information about discovery jobs that have run. Safeguard for Privileged Passwords lists the asset discovery events in the Asset Discovery Activity category.
Related Documents