Chat now with support
Chat with Support

One Identity Safeguard for Privileged Sessions 5.9.0 - Administration Guide

Preface Introduction The concepts of SPS The Welcome Wizard and the first login Basic settings User management and access control Managing SPS
Controlling SPS: reboot, shutdown Managing Safeguard for Privileged Sessions clusters Managing a high availability SPS cluster Upgrading SPS Managing the SPS license Accessing the SPS console Sealed mode Out-of-band management of SPS Managing the certificates used on SPS
General connection settings HTTP-specific settings ICA-specific settings RDP-specific settings SSH-specific settings Telnet-specific settings VMware Horizon View connections VNC-specific settings Indexing audit trails Using the Search (classic) interface Using the Search interface Searching session data on a central node in a cluster Advanced authentication and authorization techniques Reports The SPS RPC API The SPS REST API SPS scenarios Troubleshooting SPS Configuring external devices Using SCP with agent-forwarding Security checklist for configuring SPS Jumplists for in-product help Third-party contributions About us

Sealed mode

When sealed mode is enabled, the following settings are automatically applied:

  • SPS cannot be accessed remotely via SSH for maintenance.

  • The root password of SPS cannot be changed in sealed mode.

  • It is not possible to upload or delete plugins in sealed mode.

  • Sealed mode can be disabled only from the local console. For details, see Disabling sealed mode.

To enable sealed mode use one of the following methods:

  • Select the Sealed mode option during the Welcome Wizard.

  • Select Basic Settings > System > Sealed mode > Activate sealed mode on the SPS web interface.

  • Log in to SPS as root using SSH or the local console, and select Sealed mode > Enable from the console menu.

Related Documents