Chat now with support
Chat with Support

Safeguard Remote Access Hosted - Administration Guide

Enabling semi-managed network

Improve your network performance and latency with the semi-managed network functionality of One Identity Safeguard Remote Access (SRA). Depending on your network configuration, you may have one or multiple SPS nodes available. With semi-managed network, you can select which SPS node to use in your network when you initiate a connection.

To initiate a connection with a specific SPS node

  1. Navigate to the SRA Connections page and find the connection tile you want to work with.

  2. Open the dropdown menu of that connection tile's Network field and search for the name of the SPS node you want to use for initiating this connection.

    Figure 23: Connections > The connection tile of your choice > Network — Selecting a SPS node for your session

    NOTE: Your selection will not be saved for future reference. You must set your preferences every time you initiate a new connection.

  3. Click Connect.

By default, SRA will select a SPS node randomly from the available pool of SPSs in your network. To enable the semi-managed network functionality, go to Safeguard Remote Access Settings > Features > Semi-managed network. If you have only one SPS node configured in your network, then the name of that SPS node in the Network field will be grayed out and the dropdown menu will not be available.

Cloning connections

Cloning a connection means that you can connect to a different account with the same permissions.

To clone a connection

  1. Go to the Connections page and select the connection you would like to clone.

  2. Click (Options) on the connection card.

  3. Select Clone & Customize. The Add new user to target server side sheet will open.

    Asset, access protocol and policy information are prefilled, as this is an existing connection.

  4. Specify the Account and Domain names for the new connection.

  5. In the Permissions field, select an existing account to copy permissions from (for example, root or Administrator).

  6. Click Create.

Figure 24: Connections > Connection card > > Clone & Customize > Permissions — Cloning a connection

To clone a connection multiple times, use the Create another option.

To clone a connection multiple times

  1. Follow steps 1-4 of the To clone a connection procedure.

    Permissions are cloned from the connection that was last created.

  2. Select Create another.

    Figure 25: Connections > Connection card > > Clone & Customize > Add new user to target server > Create another — Cloning a connection multiple times

  3. Click Create.

Expected result: The connections that you have created are listed on the Connections page.

As long as Create another is selected, the side sheet will remain visible and you can create as many clones of the connection as you require, by clicking Create repeatedly.

Deleting a connection

When you no longer want to access a connection, delete it from One Identity Safeguard Remote Access (SRA).

To delete a connection

  1. Navigate to the Connections page and select the connection you want to delete.

  2. Click (Options) on the connection card.

  3. Select Delete.

    Figure 26: Connections > > Delete — Deleting a connection

  4. Click Delete.

Inviting a One Identity Starling Collaborator

Inviting a One Identity Starling collaborator makes is possible for multiple people to work simultaneously on a project.

NOTE: There are two ways of giving access to connections:

  • Inviting collaborators who have One Identity Starling accounts.

  • Adding Azure Active Directory (AAD) groups directly.

When you invite One Identity Starling collaborators, you cannot limit the accessibility to connections in One Identity Safeguard Remote Access (SRA). The role-based access control functionality of SRA is available only when AAD groups are added directly.

To invite a One Identity Starling Collaborator with the User role

  1. Navigate to Collaborators.

  2. Click Invite Collaborator.

    Figure 27: Collaborators > Invite Collaborator - Inviting a One Identity Starling Collaborator

  3. Here you have two options

    • Use Search to find a collaborator within your organization.

    • If you want to invite a collaborator outside of your organization, click Unable to find collaborator?, and enter the First Name, Last Name, and Email address of the collaborator.

  4. Click Invite.

Below the Invite Collaborator button, you can view the list of all collaborators invited to the project, along with their Status and Roles.

When it comes to Roles, collaborators with One Identity Starling accounts can have two distinct roles: Admin and User. When you invite a collaborator from SRA, the User role will be assigned to this user automatically. This means, that the user will have read-only access to all connections on the Connections page, but will not have configuration rights. Only users with the Admin role are able to configure role-based access control (RBAC), invite other collaborators, and assign roles to other users.

To promote a user from User to Admin role

  1. Select the user you want to promote from the collaborators list.

  2. Click (Options) at the end of the row and select Remove Collaborator.

    NOTE: This action will remove the collaborator only from SRA, but not from One Identity Starling.

  3. Click and select One Identity Starling Settings.

  4. Go to Leave Organization and click Leave. With this, the user's access rights to the SRA subscription will be removed.

  5. Go to One Identity Starling Services.

  6. Select Safeguard Remote Access and click on the upper right corner of the tile.

  7. Re-invite the user with Admin role.

The same process must be applied when you want to demote a user from Admin role to User role.

NOTE: You can promote or demote a user in One Identity Starling Services > Organization > Manage Organization Admins > > Demote to Collaborator directly, however, this will not affect the user role in SRA. The only way to switch roles for a user in SRA is to delete the user and re-invite the user with a different role.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating