立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Passwords 7.5 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Adding a user to user groups

It is the responsibility of the Security Policy Administrator to add users to user groups to assign to password policies.

To add a user to a user group

  1. Navigate to User Management > Users.
  2. In Users, select a user from the object list and open the User Groups tab.

  3. Click Add from the details toolbar.
  4. Select one or more groups from the list in the User Groups dialog and click OK.

If you do not see the user group you are looking for and are a Security Policy Administrator, you can click Create New in the User Groups dialog and add the user group. For more information about creating user groups, see Adding a user group.

Adding a user to entitlements

It is the responsibility of the Security Policy Administrator to add users to entitlements. When you add users to an entitlement, you are specifying which people can request access governed by the entitlement's policies.

To add a user to entitlements

  1. Navigate to User Management > Users.
  2. In Users, select a user from the object list and open the Entitlements tab.
  3. Click Add from the details toolbar.
  4. Select one or more entitlements from the list in the Entitlements dialog and click OK.

If you do not see the entitlement you are looking for and are a Security Policy Administrator, you can click Create New in the Entitlements dialog. For more information about creating entitlements, see Adding an entitlement.

Activating or deactivating a user account

It is the responsibility of an Authorizer Administrator or User Administrator to activate or deactivate users within SPP. However, this state can only be changed within SPP on users that have their identity source set to the Local provider. This state cannot be modified for directory users. A directory user's state must be modified in the directory and then synchronized with SPP.

Deactivating a user will prevent that user from logging into SPP and end any currently logged in session. However, an administrator cannot deactivate their own user.

SPP can also be configured to automatically deactivate users who have not logged in within a configured time span. Note, this does not apply to directory users. For more information, see Local Login Control..

To activate or deactivate a user account

  1. Navigate to User Management > Users.
  2. In Users, select a user from the object list.
  3. From the toolbar options, select either Activate User or Deactivate User.

Deleting a user

Typically, it is the responsibility of the Authorizer Administrator to delete administrator users and the User Administrator to delete non-administrator users.

IMPORTANT: When you delete a local user, SPP deletes the user permanently. If you delete a directory user that is part of a directory user group, the next time it synchronizes its database with the directory, SPP will add it back in.

To delete a user

  1. Navigate to User Management > Users.
  2. In Users, select a user from the object list.
  3. Click Delete.
  4. Confirm your request.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级