立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Passwords 7.0.3 LTS - User Guide

Search by attribute

The attributes available for searching are dependent on the type of object being searched. The search drop-down menu lists the attributes that can be selected.

API attributes can be searched

The drop-down menu lists a limited number of attributes that can be searched; however, you can perform an attribute search using the English name of any attribute as it appears in the API. Nested attributes can be chained together using a period (.). To see a list of all the attributes, see the API documentation.

Entering the search string

  1. Click the icon and select the attribute to be searched.

    The selected attribute is added to the search box. For example, if you select Last Name then LastName: is added to the search box.

  2. In the search box, enter the text string after the colon in the attribute label.

    You can specify multiple attributes, repeating these steps to add an additional attribute to the search box. Do not add punctuation marks, such as commas or colons, to separate the different attributes. When multiple attributes are included, all search criteria must be met in order for an object to be included in the results list. In the web client, if conflicting attributes are entered for the same search (for example, both true and false) then the results will expand to show all matches so long as they fit one of those attributes.

    As you type, the list displays items whose selected attributes contain the text that was entered.

    NOTE: The status bar along the bottom of the console shows the number of items returned.

  3. To clear the search criteria, click the button.

    When you clear the search criteria, the original list of objects are displayed.

Exporting data

Throughout the web client, when an Export button appears above a table it indicates that the data appearing in the table can be exported as either a JSON or CSV file.

To export data

  1. Navigate to the page displaying the information to be exported. For example, if you want to export user information in order to see who can log into the product then you would navigate to the Users page.
  2. (Optional) Apply filters or search criteria to the displayed data.
  3. Click the Export button.
  4. On the export dialog, select CSV or JSON. Different information may be available depending on your selection. For example, when the data covers an array of information then the CSV will only report the number of items in the array whereas the JSON will contain the full list. This can be seen when exporting Account Groups data; the CSV will show the number of accounts in a group, but the JSON will show all of the information for all the accounts in a group.
  5. Click Fields to open the Export Fields dialog where you can select which fields to include in the report. The Export Fields dialog will be prepopulated with the selections made during the last export of data from the page.
  6. Click OK to save your selection.
  7. Click Sort By to open the Export Sort Order dialog where you can select the order in which to sort the previously selected fields. This allows you to organize the exported data according to your needs.
    • Add Sort Order: Use this button to add additional fields by which to sort the data.
    • Clear All Sort Orders: Use this button to clear all selected fields.
    • Drag up or down to change the sort order: When you have multiple sort orders, click and hold this icon with your cursor then drag the selected sort order to whichever spot in the list you want.
    • Order By: Use this drop-down to select a field by which to sort the data. Additional drop-downs are added using the Add Sort Order button. The Order By fields will be prepopulated with the selection(s) made during the last export of data from the page.
    • or Change Sort Direction: Clicking this button changes the sort direction for the field. For example, if you have selected FirstName in the Order By drop-down and as the sort direction, your exported data will order the results in alphabetical order based on FirstName.
    • : Clicking this button removes the associated Order By selection.
  8. Click OK to save your selection.
  9. Selecting the Limit Results check box displays the Number of results to include field which is used to limit the number of results that will be included in the exported file. The Number of results to include field will be prepopulated with the selection made during the last export of data from the page.
  10. Click Export.

Privileged access requests

One Identity Safeguard for Privileged Passwords provides a workflow engine that supports time restrictions, multiple approvers, reviewers, emergency access, and expiration of policy. It also includes the ability to input reason codes and integrate directly with ticketing systems.

In order for a request to progress through the workflow process, authorized users perform assigned tasks. These tasks are performed from the user's Home page.

As a Safeguard for Privileged Passwords user, your Home page provides a quick view to the access request tasks that need your immediate attention. In addition, an Administrator can set up alerts to be sent to users when there are pending tasks needing attention. For more information, see Configuring alerts.

The access request tasks you see on your Home page depend on the rights and permissions you have been assigned by an entitlement's access request policies. For example:

  • Requesters see tasks related to submitting new access requests, as well as actions to be taken once a request has been approved (for example, viewing passwords, copying passwords, launching sessions, and checking in completed requests).

    Requesters can also define favorite requests, which then appear on their Home page for subsequent use.

  • Approvers see tasks related to approving (or denying) and revoking access requests.
  • Reviewers see tasks related to reviewing completed (checked in) access requests, including playing back a session if session recording is enabled.

The following three workflows are available:

Configuring alerts

All users are subscribed to the following email notifications; however, users will not receive email notifications unless they have been included in a policy as a requester (user), approver, or reviewer.

  • Access Request Approved
  • Access Request Denied
  • Access Request Expired
  • Access Request Pending Approval
  • Access Request Revoked
  • Password was Changed
  • SSH key was Changed
  • Review Needed
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级