Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 2.5 - Administration Guide

Introduction System requirements Installing the One Identity Safeguard for Privileged Passwords desktop client Setting up Safeguard for Privileged Passwords for the first time Getting acquainted with the console Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Directories Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificate settings Cluster settings External Integration settings Messaging settings Profile settings Access settings Sessions settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions
How do I access the API How do I audit transaction activity How do I configure external federation authentication How do I manage accounts on unsupported platforms How do I modify the appliance configuration settings How do I prevent Safeguard for Privileged Passwords messages when making RDP connections How do I see which assets and/or accounts are governed by a profile How do I set the appliance system time How do I setup discovery jobs How do Safeguard for Privileged Passwords database servers use SSL What are the access request states What do I do when an appliance goes into quarantine What is required for One Identity Safeguard for Privileged Passwords, embedded sessions module What is required to integrate with Starling Identity Analytics & Risk Intelligence What needs to be set up to use Application to Application What role-based email notifications are generated by default When does the rules engine run for dynamic grouping and tagging Why did the password change during an open request Why join Safeguard for Privileged Passwords to One Identity Starling
Safeguard Desktop Player Appendix: Safeguard ports

Backup settings

Settings is where you configure an automatic backup schedule.

To schedule backups

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Click  Settings.
  3. In the Backup Settings dialog, specify the backup schedule:
    1. Interval: Choose Never, Minute, Hour, Day, Week, or Month.

      NOTE: Best Practice: Do not use the Minute interval.

    2. Time of day: Set the start time.
    3. Repeat interval: Select the interval at which you would like to repeat the backup task.
    4. If Weekly, select which days of the week the backup task is to run.
    5. If Monthly, set the recurrence pattern. Select one of the following options and specify the monthly repeat interval:

      • Day of month
      • Week of month | Day of week

      TIP: If you schedule a backup and a backup has already occurred for that interval (Minute, Hour, Day, Week, or Month), Safeguard for Privileged Passwords will not execute another backup until the following minute, hour, day, week, or month. For example, if a backup has already occurred today and you set the backup schedule to run a daily backup, Safeguard for Privileged Passwords will not run the backup until tomorrow.

    6. Time Zone: Select the time zone.
    7. Select Send to archive server to store the backup files externally from the appliance.

      Note: This option is only available if you have configured an archive server. For more information, see Adding an archive server.

You configure the maximum number of backup files you want Safeguard for Privileged Passwords to store on the appliance on the Backup retention page.

Download

Safeguard for Privileged Passwords allows you to save a selected backup file in a location on your computer.

To download the backup file

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Select a backup file and click Download.
  3. Browse to select a location of your choice.
  4. Give the file a name and click OK.

Note: Safeguard for Privileged Passwords copies the backup file; it does not remove the backup from the list displayed on the Backup and Restore page.

Upload

Safeguard for Privileged Passwords allows you to retrieve a backup file from a file location and add it to the Safeguard for Privileged Passwords Backup and Restore page list on the appliance.

To upload a backup file

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Click  Upload.
  3. Browse to select a backup file and click Open.

Restore

Safeguard for Privileged Passwords allows you to restore the data on your appliance with data from a selected backup.

Safeguard for Privileged Passwords does not restore the appliance IP address, NTP settings or the DNS settings. To verify that these settings are correct after a restore, go to Settings | Appliance Information.

Caution: If you restore a backup that is older than the Maximum Password Age set in the Login Control settings, all user accounts (including the bootstrap administrator) will be disabled and you will have to reset all of the user account passwords. If your bootstrap administrator's password is locked out, you can reset it from the recovery kiosk. For more information, see Admin password reset.

To restore the Safeguard for Privileged Passwords appliance from a selected backup

  1. Navigate to Administrative Tools | Settings | Backup and Retention | Safeguard Backup and Restore.
  2. Select a backup. If the backup file is not listed, you can Upload it first.
  3. Click Restore.
  4. In the Restore dialog, enter the word Restore in the box and click OK.

    Safeguard for Privileged Passwords automatically restarts the appliance, if necessary.

  5. Once the appliance is fully operational, it asks you to restart the Windows desktop client. All modifications to Safeguard for Privileged Passwords objects since the backup was created will be lost.

Caution: After a restore, requesters, approvers, and reviewers will not have access to any access request workflow events that were in process at the time of the backup. The Activity Center displays those workflow events as incomplete.

Related Documents