立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Passwords 6.13.1 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Activity Center Search box Privileged access requests Toolbox Accounts Account Groups Assets
General/Properties tab (asset) Accounts tab (asset) Account Dependencies tab (asset) Owners tab (asset) Access Request Policies tab (asset) Asset Groups tab (asset) Discovered SSH Keys (asset) Discovered Services tab (asset) History tab (asset) Managing assets
Asset Groups Discovery Entitlements Linked Accounts Partitions Profiles Settings
Access Request settings Appliance settings Asset Management settings Tags Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings Security Policy Settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Accounts tab (profiles)

A profile's Accounts tab displays the accounts associated with this profile.

Click Add Account/New Account from the details toolbar to associate an account with the selected profile.

To access Accounts:

  • web client: Navigate to Asset Management | Profiles | Password Profiles | (View Details) | Accounts.
Table 157: Profiles: Accounts tab properties
Property Description

Name

Name of an account associated with the selected asset.

While you can associate an account with only one asset, you can log in to an asset with more than one account.

Domain Name

The domain name for the account and helps to determine the uniqueness of accounts.

Parent

 

SSH Key Profile

The name of the SSH key profile.

Service Account

A check in this column indicates that the account is a service account.

Password Request

A check in this column indicates that password release requests are enabled for the account.
Click Access Requests from the details toolbar to enable or disable a user's ability to request access to the selected account.

Session Request

A check in this column indicates that session access requests are enabled for the account.
Click Access Requests from the details toolbar to enable or disable a user's ability to request access to the selected account.

SSH Key Request

A check in this column indicates that SSH key release requests are enabled for the account.
Click Access Requests from the details toolbar to enable or disable a user's ability to request access to the selected account.

Disabled

A check in this column indicates that the asset is not managed, is disabled, and has no associated accounts.

Password

A check in this column indicates a password is set for the account. For more information, see Checking, changing, or setting an account password.

SSH Key

A check in this column indicates an SSH key is set for the account. For more information, see Checking, changing, or setting an SSH key.

Description

Descriptive information entered when the account was added.

Use these buttons on the details toolbar to manage your asset accounts.

Table 158: Profiles: Accounts tab toolbar
Option Description
Delete

Remove the selected account from the asset.

Edit

Edit the selected account.

Refresh

Update the list of asset accounts.

Account Security

Menu options include:

Access Request

Select an option to enable or disable access request services for the selected account. Values are derived from whether the platform of the asset indicates it supports any of the following: Password Request, SSH Key Request, Session Request. You can enable or disable Password Request, Session Request, and SSH Key Request, as needed.

Service Accounts are created when the Asset is created and by default are not enabled for session or password access.

Discovered Accounts are controlled by the Account Discovery template that is used in discovering the accounts. They are a property of the rule template of the Account Discovery job. For more information, see Adding an Account Discovery rule.

( web client only) Enable-Disable

Select one of the following:

Select Enable to have Safeguard for Privileged Passwords manage a disabled account.

Select Disable to prevent Safeguard for Privileged Passwords from managing the selected account.

( web client only) Show Disabled

Display the accounts that are not managed and are disabled.

( web client only) Hide Disabled

Hide the accounts that are not managed and are disabled..

Search

To locate a specific asset account or set of accounts in this list, enter the character string to be used to search for a match. For more information, see Search box.

View Password Profile Components (profiles)

When the Password Profiles tab on the Profiles page is selected, a View Password Profile Components link is available. This link displays information on the currently configured password profile components in use by Safeguard for Privileged Passwords.

To open the View Password Profile Components link on the Profiles page:

  • web client: Navigate to Asset Management | Profiles | Password Profiles and click the View Password Profile Components link.

The View Password Profile Components view contains the following tabs:

  • Check Password: This tab provides information on the currently configured check password schedules. You can use the Refresh button to update the listed schedules.

  • Change Password: This tab provides information on the currently configured change password schedules. You can use the Refresh button to update the listed schedules.

  • Account Password Rules: This tab provides information on the currently configured account password rules. You can use the Refresh button to update the listed rules.

  • Password Sync Groups: This tab provides information on the currently configured password sync groups. From this tab the following options are available:

    • Delete: Remove the selected password sync group.

    • Enable-Disable: Use these buttons to either enable or disable the password sync group.

    • Change Sync Group Password:

    • Refresh: Update the listed password sync groups.

SSH Key Profiles (profiles)

Within the web client, the SSH Kay Profiles tab on the Profiles page displays information on the currently configured SSH key profiles in use by Safeguard for Privileged Passwords.

To access the SSH Key Profiles tab on the Profiles page:

  • web client: Navigate to Asset Management | Profiles and open the SSH Key Profiles tab. If needed, you can use the partition drop-down to select the parent partition of the profile (by default all profiles are displayed). Select a profile, then click to display additional information and options.

Selecting one of the profiles displays the following information:

Toolbar

Use these toolbar buttons to manage profiles:

  • New Profile: Add profiles to Safeguard for Privileged PasswordsFor more information, see Adding an asset (desktop client).
  • Delete: Remove the selected profile.
  • Edit: Select a profile then click this button to open additional information and options for the profile.
  • Set as Default: Select a profile then click this button to set it as the default profile.
  • Refresh: Update the list of profiles.

When the SSH Key Profiles tab on the Profiles page is selected, a View SSH Key Profile Components link is available. For more information, see View SSH Key Profile Components (profiles).

View SSH Key Profile Components (profiles)

When the SSH Key Profiles tab on the Profiles page is selected, a View SSH Key Profile Components link is available. This link displays information on the currently configured SSH Key profile components in use by Safeguard for Privileged Passwords.

To open the View SSH Key Profile Components link on the Profiles page:

  • web client: Navigate to Asset Management | Profiles | SSH Key Profiles and click the View SSH Key Profile Components link.

The View SSH Key Profile Components view contains the following tabs:

  • Check SSH Key: This tab provides information on the currently configured check SSH key schedules. You can use the Refresh button to update the listed schedules.

  • Change SSH Key: This tab provides information on the currently configured change SSH key schedules. You can use the Refresh button to update the listed schedules.

  • Discover SSH Key: This tab provides information on the currently discovered SSH keys. You can use the Refresh button to update the listed keys.

  • SSH Key Sync Groups: This tab provides information on the currently configured SSH key sync groups. From this tab the following options are available:

    • Delete: Remove the selected SSH key sync group.

    • Enable-Disable: Use these buttons to either enable or disable the SSH key sync group.

    • Change Sync Group Password:

    • Refresh: Update the listed SSH key sync groups.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级