Chat now with support
Chat mit Support

Safeguard for Privileged Passwords On Demand Hosted - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Activity Center Search box Privileged access requests Toolbox Accounts Account Groups Assets
General/Properties tab (asset) Accounts tab (asset) Account Dependencies tab (asset) Owners tab (asset) Access Request Policies tab (asset) Asset Groups tab (asset) Discovered SSH Keys (asset) Discovered Services tab (asset) History tab (asset) Managing assets
Asset Groups Discovery Entitlements Linked Accounts Partitions Profiles Settings
Access Request settings Appliance settings Asset Management settings Tags Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Password Management settings Real-Time Reports Safeguard Access settings SSH Key Management settings Security Policy Settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions About us

Managing account groups

Use the controls and tabbed pages in the Account Groups view to perform the following tasks to manage Safeguard for Privileged Passwords account groups:

Adding an account group

It is the responsibility of the Security Policy Administrator to add account groups to Safeguard for Privileged Passwords.

Adding a dynamic account group

It is the responsibility of the Security Policy Administrator to add dynamic account groups to Safeguard for Privileged Passwords.

Dynamic account groups are associated with rules engines that run when pertinent objects are created or changed. For example:

  • Whenever you add or change an asset account, all applicable rules are reevaluated against that asset account.
  • Whenever you change an asset account rule, the rule is reevaluated against all asset accounts within the scope of that rule. In other words, the rule is reevaluated against all asset accounts for grouping and the asset accounts within the designated partitions for tagging.

You can create a dynamic account group without any rules; however, no accounts will be added to this dynamic account group until you have added a rule.

In large environments, there is a possibility that the user interface may return before all of the rules have been reevaluated and you may not see the results you were expecting. If this happens, wait a few minutes and Refresh the screen to view the results.

General tab (add dynamic account group)

On the General tab of the Dynamic Account Group dialog, supply general information about the dynamic account group.

Table 40: Dynamic Account Group: General tab
Property Description
Name

Enter a unique name for the dynamic account group.

Limit: 50 characters

Description

Enter information about this dynamic account group.

Limit: 255 characters

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen