Safeguard - PAG integration question

With normal user accounts, do you mean users that are Safeguard internally and not coming from a 3rd party source like AD?

Yes, those can be managed and assigned to an identity to govern them.

Thanks for reply,

If I understand well, From 1IM I can request a password only of internal users and not of AD ?

Sorry, but I do not understand your question.

OneIM is able to reset passwords in AD and for Safeguard-only Users.

The ability to request or check out a password is a Safeguard function that can be used by OneIM PAG.

Sorry for the unclear question.

Your answer is what I need.

Thanks again

Markus,

another question, related to PAG Integration.

Is it possible to manage from One Identity, the Safeguard Accounts' ?

This is the scenario where someone needs rdp access to a server, and it buys an access role in ITShop to do that. Is it possible a provisioning like this ?

Can One Identity run a process through Safeguard and enable rdp for Safeguard Accounts ?

Thanks

alessandro piantoni said:

This is the scenario where someone needs rdp access to a server, and it buys an access role in ITShop to do that.

Yes, you can request RDP access via Safeguard for "things" that you are allowed to in Safeguard.

alessandro piantoni said:

Can One Identity run a process through Safeguard and enable rdp for Safeguard Accounts

One Identity Manager is not automating the Safeguard configuration, so you need to configure this in Safeguard. But, assume you configure it in a way, that the access to the Hosts / Accounts is controlled by a group (Directory-based group e.g. Active Directory, or local to Safeguard), In that case, One IM is able to provision the RDP access to specific Hosts / Account via requesting the correct Group Membership. This is totally OOTB and a recommended way of doing it for your use case,

But, you need to do the conceptual configuration steps in Safeguard to do so.

alessandro piantoni said:

This is the scenario where someone needs rdp access to a server, and it buys an access role in ITShop to do that.

Yes, you can request RDP access via Safeguard for "things" that you are allowed to in Safeguard.

alessandro piantoni said:

Can One Identity run a process through Safeguard and enable rdp for Safeguard Accounts

One Identity Manager is not automating the Safeguard configuration, so you need to configure this in Safeguard. But, assume you configure it in a way, that the access to the Hosts / Accounts is controlled by a group (Directory-based group e.g. Active Directory, or local to Safeguard), In that case, One IM is able to provision the RDP access to specific Hosts / Account via requesting the correct Group Membership. This is totally OOTB and a recommended way of doing it for your use case,

But, you need to do the conceptual configuration steps in Safeguard to do so.