立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Passwords 7.4 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Manually adding a tag to an account

Asset Administrators can manually add and remove static tags to an account. You cannot manually remove dynamically assigned tags which are defined by rules and indicated by a lightening bolt icon. You must modify the rule associated with the dynamic tag if you want to remove it. For more information, see Modifying an asset or asset account tag..

To manually add a tag to an account

  1. Navigate to Asset Management > Accounts.

  2. Select an account and click View Details.

  3. Under Tags, click Edit. Existing tags are displayed.

  4. Click Edit.

  5. Use one of the following methods to assign tags to the account:

    • To assign a previously created tag:

      1. Click Add Tag.

      2. Select the tag(s) to add to the account.

      3. Click Select Tags to save your selection.

    • To create a new tag:

      1. Click Add Tag.

      2. From the Select Tags dialog, click New Tag.

      3. Enter the requested information for the tag and click OK.

      4. Once finished adding any new tags, select the tag(s) to add to the account on the Select Tags dialog.

      5. Click Select Tags to save your selection.

  6. Click OK.

Deleting an account

When you delete an account, SPP does not delete it from its associated asset; it simply removes it from SPP.

If you delete a service account, SPP changes the asset's authentication type to None, which disables automatic password and SSH key management for all accounts that are associated with this asset. All assets must have a service account in order to check and change the passwords or SSH keys for the accounts associated with it. For more information, see About service accounts..

To delete an account

  1. Navigate to Asset Management > Accounts.

  2. Select the account to be deleted.

  3. Click Delete.

  4. Confirm your request.

Adding users or user groups to an account

When you add users to an account, you are specifying the users or user groups that have ownership of an account.

It is the responsibility of the Asset Administrator (or delegated partition owner) to add users and user groups to accounts. The Security Policy Administrator only has permission to add groups, not users. For more information, see Administrator permissions..

To add users to an account

  1. Navigate to Asset Management > Accounts.

  2. In Accounts, select an account from the object list and click View Details.

  3. Open the Owners tab.

  4. Click Add on the Account Owners, Asset Owners, and/or Partition Owners tabs.

  5. Select one or more users or user groups from the list in the Users/User Groups dialog.

  6. Click Select Owners to save your selection.

Checking, changing, or setting an account password

The Asset Administrator can manually check, change, or set an account password.

To manually check, change, or set an account password

  1. Navigate to Asset Management > Accounts.

  2. In Accounts, select an account from the object list.
  3. Click (View Details) from the toolbar.
  4. Navigate to Properties > Secrets.
  5. The Password tile available on this page provides the following options: 
    • Set to set the account password in the SPP database. The Set option does not change the account password on the asset. The Set option provides the following options.
      • Manual Password: Use this option to manually set the account password in the SPP database.
        1. In the Set Password dialog, enter and confirm the password. Click Set Password to update the SPP database.
        2. Set the account password on the physical device to synchronize it with the SPP database.
      • Generate Password: Use this option to have SPP generate a new random password, that complies with the password rule that is set in the account's profile.
        1. In the Set Password dialog, click Generate Password.
        2. Click  Copy Password to put it into your copy buffer.
        3. Log in to your device (using the old password), and change it to the password in your copy buffer.
        4. Click Set Password to change the password in the SPP database.
    • Check to verify the account password is in sync with the SPP database. If the password verification fails, you can change it.
    • Change to reset and synchronize the account password with the SPP database.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级