Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.4 - Administration Guide

Introduction System requirements Installing the One Identity Safeguard for Privileged Passwords desktop client Setting up Safeguard for Privileged Passwords for the first time Getting acquainted with the console Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Directories Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Access settings Sessions settings
Users User Groups Disaster recovery Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions
How do I access the API How do I audit transaction activity How do I configure external federation authentication How do I manage accounts on unsupported platforms How do I modify the appliance configuration settings How do I prevent Safeguard for Privileged Passwords messages when making RDP connections How do I see which assets and/or accounts are governed by a profile How do I set the appliance system time How do I setup discovery jobs How do Safeguard for Privileged Passwords database servers use SSL What are the access request states What do I do when an appliance goes into quarantine What is required for One Identity Safeguard for Privileged Passwords Privileged Sessions What is required to integrate with Starling Identity Analytics & Risk Intelligence What needs to be set up to use Application to Application What role-based email notifications are generated by default When does the rules engine run for dynamic grouping and tagging Why did the password change during an open request Why join Safeguard for Privileged Passwords to One Identity Starling
Safeguard Desktop Player Appendix: Safeguard ports

Licensing

It is the responsibility of the Appliance Administrator to manage the Safeguard for Privileged Passwords licenses. The first time you log into Safeguard for Privileged Passwords, it prompts you to add a license. In addition, you can add a new module license or update a license.

Navigate to Administrative Tools | Settings | Appliance | Licensing.

Note: For more information, see Product licensing.

Table 145: Licensing options
Setting Description
Adding a license

To add a new module license to Safeguard for Privileged Passwords.

Applying an updated license

To update a Safeguard for Privileged Passwords module license.

Adding a license

The first time you log into Safeguard for Privileged Passwords as the Appliance Administrator, it prompts you to add a license. In addition, you can add additional Safeguard for Privileged Passwords module licenses.

To add a new module license

  1. Navigate to Administrative Tools | Settings | Appliance | Licensing.
  2. Click (or tap) .
  3. Browse to select the license file.

    Once you add a license, Safeguard for Privileged Passwords displays the current license information and additional links that allow you to update the license or view the license history for a module.

  4. To add another module license, click (or tap) Add Another License in the Success dialog.

Note: To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date. For more information, see Enabling email notifications.

Applying an updated license

As the Appliance Administrator, you can update a module license from the Settings | Appliance | Licensing pane.

To update a module license

  1. Navigate to Administrative Tools | Settings | Appliance | Licensing.
  2. Select Update License in the lower left corner of a module's licensing information pane.
  3. Browse to select the license file. Select Open.

Note: To avoid disruptions in the use of Safeguard for Privileged Passwords, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date. For more information, see Enabling email notifications.

Lights Out Management (BMC)

The Lights Out Management feature allows you to remotely manage the power state and serial console to Safeguard for Privileged Passwords using the baseboard management controller (BMC). When a LAN interface is configured, this enables the Appliance Administrator to power on an appliance remotely or to interact with the recovery kiosk.

IMPORTANT: This feature requires a LAN interface to be enabled and configured. One Identity Safeguard for Privileged Passwords's BMC supports the following LAN interfaces to provide this functionality:

  • SSH
  • IPMI v2
  • Web
  • Serial over Lan

It is strongly recommended that the LAN interface only be enabled in trusted environments.

Navigate to Administrative Tools | Settings | Appliance | Lights Out Management (BMC). The Lights Out Management (BMC) pane displays a single toggle, Enable Lights Out Management (BMC), for enabling and disabling this capability. Once enabled, additional fields appear allowing the Appliance administrator to set the password, network address, subnet mask, and gateway for the BMC.

NOTE: Once Lights Out Management is enabled in Safeguard for Privileged Passwords, you can access the BMC via a web interface or by using SSH to connect to the IPMI port to remotely manage the power state and serial console to Safeguard for Privileged Passwords. The default user for accessing the BMC is ADMIN.
Related Documents