Properties tab (asset)
The Properties tab lists information about the selected asset.
To access Properties:
web client: Navigate to Asset Management > Assets > 
(View Details) > Properties.
Table 83: Properties tab: General properties
| Name |
The asset name. |
| Description |
Description of the selected asset. |
Table 84: Properties tab: Connection properties
| Platform |
The platform of the selected managed system. |
| Version |
If applicable, the system version. |
| Architecture |
if applicable, the operating system architecture. |
| Network Address |
If applicable, the network DNS name or IP address of the managed system. |
| Authentication Type |
How the console connects with the managed system. For more information, see Connection tab (add asset). |
|
Telnet Session Port |
If connecting to TN3270 or TN5250, the port for connection. |
|
Manage Forest (directory) |
If True, the whole forest is managed. |
|
Forest Root Domain Name (directory) |
The forest root domain for the asset (Name on the General tab). A domain can be identified for more than one directory asset so that multiple directory assets can be governed the same domain. |
|
Managed Domains |
If applicable, the managed domains. |
| Enable Session Request |
If True, session access requests are enabled for the asset. |
|
Port |
The port used for connection. Default is 22. |
| RDP Session Port |
If applicable, the access port on the target server used for RDP session access requests. |
| SSH Session Port |
If applicable, the access port on the target server used for SSH session access requests. |
|
Telnet Session Port |
If connecting to TN3270 or TN5250, the port for connection. |
| SSH Host Key Fingerprint |
The managed system's public host key fingerprint used to authenticate to the asset.
When an asset requiring an SSH host key does not have one, Check Password will fail. For more information, see Connectivity failures. |
|
Sync additions every [number] minutes |
If applicable, the frequency that Safeguard for Privileged Passwords synchronizes the additions or modifications to objects. The date and time of the Last Sync, Last Failure Sync, and Last Success Sync display. The intervals are directory specific. |
|
Sync deletions every [number] minutes |
If applicable, the frequency that Safeguard for Privileged Passwords synchronizes the deletion of objects. The date and time of the Last Delete Sync, Last Failure Delete Sync, and Last Success Delete Sync display. The intervals are directory specific. |
Table 85: Properties tab: Management properties
| Partition |
The name of the partition where the selected asset resides. |
| Password Profile |
The name of the profile that manages the asset's accounts.
When a password profile is inherited from the partition this will be indicated by the text (Inherited) next to the name of the password profile. When the password profile is explicitly set, a  button will appear that allows you to clear the explicitly set password profile and instead use the password profile that is inherited from the partition.
NOTE: All assets must be governed by a profile. All new assets are automatically governed by the default profile unless otherwise specified. |
| SSH Key Profile |
The name of the profile that manages the asset's accounts.
When an SSH key profile is inherited from the partition this will be indicated by the text (Inherited) next to the name of the SSH key profile.
When the SSH key profile is explicitly set, a button will appear that allows you to clear the explicitly set SSH key profile. Once the cleared profile change is applied, the assigned inherited profile will be displayed. If there is no default SSH key profile designated for the partition, the asset will no longer have an SSH key profile assigned. If there is no SSH key profile explicitly set on the asset, the accounts on that asset will no longer have an SSH key profile assigned. Designating a default SSH key profile for the partition will ensure all assets and accounts in that partition have an inherited SSH key profile.
NOTE: All assets must be governed by a profile. All new assets are automatically governed by the default profile unless otherwise specified. |
|
Managed Network |
The managed network that is assigned for work load balancing. For more information, see Managed Networks. |
|
Available for discovery across all partitions |
If True, this asset is read-access available for Asset Discovery jobs beyond partition boundaries. |
| Enable Session Request |
If True, session access requests are enabled for the asset. |
Table 86: Properties tab: Account Discovery properties
| Account Discovery |
Account discovery identifier. |
|
Description |
The description of the schedule. |
|
Schedule |
The account discovery schedule. |
| Last Successful Account Discovery |
The date and time of the last successful account discovery. |
| Last Failed Account Discovery |
The date and time of the last failed account discovery. |
| Next Account Discovery |
The date and time for the next account discovery. |
| Last Successful Service Discovery |
The date and time of the last successful service discovery. |
| Last Failed Service Discovery |
The date and time of the last failed service discovery. |
| Next Service Discovery |
The date and time for the next service discovery. |
Tags: Tag assignments for the selected asset. The information listed in the Tags tab displays both the dynamic tags assigned to the asset through tagging rules and static tags that were added manually. In addition to viewing tag assignments, Asset Administrators can add and remove statically assigned tags using this tab.
Delete: Click this button to delete the selected asset.
Accounts tab (asset)
An asset's Accounts tab displays the accounts associated with this asset.
Click 
New Account from the details toolbar to associate an account with the selected asset.
To access Accounts:
- web client: Navigate to Asset Management > Assets > (View Details) > Accounts.
Table 87: Assets: Accounts tab properties
|
Name |
Name of an account associated with the selected asset.
While you can associate an account with only one asset, you can log in to an asset with more than one account. |
|
Domain Name |
The domain name for the account and helps to determine the uniqueness of accounts. |
|
Password Profile |
The name of the profile that manages the account. |
|
SSH Key Profile |
The name of the SSH key profile. |
|
Service Account |
A  check in this column indicates that the account is a service account. |
|
Password Request |
A check in this column indicates that password release requests are enabled for the account.
Click  Access Requests from the details toolbar to enable or disable a user's ability to request access to the selected account. |
|
Session Request |
A check in this column indicates that session access requests are enabled for the account.
Click Access Requests from the details toolbar to enable or disable a user's ability to request access to the selected account. |
|
SSH Key Request |
A check in this column indicates that SSH key release requests are enabled for the account.
Click Access Requests from the details toolbar to enable or disable a user's ability to request access to the selected account. |
|
Disabled |
A check in this column indicates that the asset is not managed, is disabled, and has no associated accounts. |
|
Password |
A check in this column indicates a password is set for the account. For more information, see Checking, changing, or setting an account password. |
|
SSH Key |
A check in this column indicates an SSH key is set for the account. For more information, see Checking, changing, or setting an SSH key. |
|
Description |
Descriptive information entered when the account was added. |
|
Tags |
The tags associated with the account |
Use these buttons on the details toolbar to manage your asset accounts.
Table 88: Assets: Accounts tab toolbar
 New Account |
Add accounts to the selected asset. For more information, see Adding an account to an asset. |
| Delete |
Remove the selected account from the asset. |
|
View Details |
Edit the selected account. |
 Account Security |
Menu options include:
- Check Password, Change Password, Set Password: For more information, see Checking, changing, or setting an account password.
- Check SSH Key, Change SSH Key, Set SSH Key: For more information, see Checking, changing, or setting an SSH key.
|
 Discover SSH Keys |
Run the SSH Key Discovery job associated with the account. For more information, see SSH Key Discovery. |
 Access Requests |
Select an option to enable or disable access request services for the selected account. Values are derived from whether the platform of the asset indicates it supports any of the following: Password Request, SSH Key Request, Session Request. You can enable or disable Password Request, Session Request, and SSH Key Request, as needed.
Service Accounts are created when the Asset is created and by default are not enabled for session or password access.
Discovered Accounts are controlled by the Account Discovery template that is used in discovering the accounts. They are a property of the rule template of the Account Discovery job. For more information, see Adding an Account Discovery rule. |
|
 Enable-Disable
|
Select  Enable to have Safeguard for Privileged Passwords manage a disabled asset. Account Discovery jobs find all accounts that match the discovery rule's criteria regardless of whether it has been marked Enabled or Disabled in the past.
Select  Disable to prevent Safeguard for Privileged Passwords from managing the selected asset. When you disable an asset, Safeguard for Privileged Passwords disables it and removes all associated accounts. If you choose to manage the asset later, Safeguard for Privileged Passwords re-enables all the associated accounts. |
|
 Export
|
Use this button to export the listed data as either a JSON or CSV file. For more information, see Exporting data. |
 Refresh |
Update the list of asset accounts. |
 Search |
To locate a specific asset account or set of accounts in this list, enter the character string to be used to search for a match. For more information, see Search box. |
Account Dependencies tab (asset)
The Account Dependencies tab displays the directory accounts that the selected Windows server depends on to perform services and tasks. The Account Dependencies tab is only applicable for a Windows platform when one or more directories have been added to Safeguard for Privileged Passwords.
Click Add Account from the details toolbar above the grid to associate account dependencies with the selected asset. For more information, see Adding account dependencies.
To access Account Dependencies:
- web client: Navigate to Asset Management > Assets > (View Details) > Account Dependencies.
Table 89: Assets: Account Dependencies tab properties
|
Name |
Name of a directory account. |
|
Directory |
The directory in which the account resides. |
|
Domain Name |
The forest root domain name for the directory. |
|
Distinguished Name |
The distinguished name for a directory account. |
|
Description |
Description of the dependent account. |
The toolbar includes the following:
Table 90: Assets: Account Dependencies tab toolbar
|
Add Account |
Add an account dependency to the selected asset. |
|
 Remove Account
|
Remove the account dependency from the asset. |
|
Refresh |
Update the list of account dependencies. |
|
Search |
To locate a specific account dependency in this list, enter the character string to be used to search for a match. For more information, see Search box. |
Access Requests Policies (asset)
The Access Request Policies tab displays the entitlements and access request policies, including password and SSH key release policies and session request policies, associated with the selected account. This information is available to users that have both Asset Administrator and Policy Administrator permissions.
To access Access Request Policies:
- web client: Navigate to Asset Management > Assets > (View Details) > Access Request Policies.
Table 91: Assets: Access Request Policies tab properties
|
Entitlement |
The name of the access request policy's entitlement. |
|
Access Request Policy |
The name of the access request policy that governs the selected account. |
|
Accounts |
The number of unique accounts in the account groups that are associated with the access request policy. |
|
# Account Groups |
The number of unique account groups in the access request policy. |
|
Account Groups |
The names of the account groups that associate the selected account with the policy. |
|
Assets |
The number of unique assets in the asset groups that are associated with the access request policy. |
|
# Asset Groups |
The number of unique assets groups in the access request policy. |
|
Asset Groups |
The names of the asset groups that associate the selected account with the policy. |
Use these buttons on the details toolbar to manage your access request policies associated with the selected account.
Table 92: Assets: Access Request Policies tab toolbar
|
Add to Policy |
Add the selected asset to the scope of an access request policy. |
|
Remove Selected |
Remove the selected policy. |
|
Refresh |
Update the list of access request policies. |
|
Search |
To locate a specific policy or set of policies in this list, enter the character string to be used to search for a match. For more information, see Search box. |
