• Discovery Job Timing

    I'm curious to know exactly how the scheduling of Discovery Jobs works, and if it can be predicted when a job will run in a massive environment.

    I'm working with a customer that has some 100k Assets just to give an idea of the scale. When we schedule…

  • How to link AD users account with Join Domain assets?

    Hi Community,

    I have a Safeguard Privileged Password (SPP), created AD users as SPP users so they can request a password to access the RDP session to joined domain Windows Servers, respectively the can you use account for access the assets (joined domain…

  • CAL Licenses for RDS Server for RDP Application implementation


    i was wondering how the access to the RDS Server is managed when implementing RDP Apllication protocol, in particular i'm talking about simultaneous access by using a single account.

    Usually we specify in the entitlement which user is going…

  • CISCO ISE support


    from documentation (https://support.oneidentity.com/it-it/technical-documents/safeguard-for-privileged-passwords-on-demand/hosted/administration-guide/3#TOPIC-1757313) i see that platform CISCO ISE is supported by SPP.

    Though the supported versions…

  • Protocol used by SPP to comunicate with Domain Controller


    i would like to have an official answer to this question:

    When comunicating with AD Domain Controller (for example, for a user group sync), which protocol does SPP On Demand use? Does it use TLS or SSL?

    Thank you in advance,


  • Adding X1 Interface (VM)

    I'm trying to add in an X1 interface on a newly stood-up SPP appliance, and I'm not sure how to get the X1 to show up.

    The appliance has been stood up in vCenter, and it has been given two NICs. However, I'm only seeing X0 when looking at Appliance…

  • Allow Simultaneous Access in ARPs

    Can anyone explain to me the real impact of the "Allow Simultaneous Access" checkbox that appears on the Access Request Policy of type RDP Session?

    For instance, if I set the "Maximum Users at One Time" value to 10, does it mean that only 10…

  • RDP Session User Idle Timeout Causes Password Issue


    I have configured an entitlement that contains an RDP access request policy.

    The RDP ARP has the following settings enabled:

    • Allow Simultaneous Access: 3
    • Close Expired Sessions

    It uses the safeguard_rdp SPS connection policy which uses the following…

  • Duplicate Assets from Discovery

    I have found that if you were to create an Asset manually, and then discover that same Asset in a Discovery Job, a duplicate asset will be created. It does not work the other way around, as trying to create an asset manually will throw an error if that…

  • System Error on SPP authentication

    Hi everybody,

    I have a little technical question about a problem of one of my customers.

    When the user tries to authenticate, he receives the following error on the SPP login page:

    "A system Error happened and it has been registered. Retry later or contact…

  • Azure Migrate Functionality

    Working with a customer that wants to move their SPPs from on-prem vCenter up to Azure using the Microsoft Azure Migrate Tool: https://learn.microsoft.com/en-us/azure/migrate/migrate-services-overview

    I don't have access to an Azure tenant to attempt…

  • Link Discovered Azure Accounts



    I want to link discovered Azure Accounts with Users on SPP, so users can only request their personal Azure accounts.


    As Azure is not defined as a Directory in SPP it’s not possible to link them the standard way.


    Thank you for your help…

  • Clonning SPS to a new host with different IP address

    Hi! Is it possible to clone SPP cluster (config master+two managed hosts) to another virtual machines (with different IPs and hostnames) without shutting down original VMs? The goal is to test SPS upgrade from v6 to v7, and do this test on machines a…

  • Automatically link Managed Directory Accounts

    OISG version: 7.1.1

    Active Directory version: 2019


    I have followed the answer to a forum question about configuring OSID and AD for the accounts to be automatically linked to SG users. This is the question link: OISPP v7.2 | Automatically link Managed…

  • SNMP traps configuration


    Is it possible to specify the SPS and SPP network interface from which the SNMP traps are sent?



  • Session recording can be deactivated?


    i have an environment with SPP and SPS joined together (both with the 7.3 version), i want to record the sessions of a group of users and don't record the sessions of another group of users.

    Is possible to do this? 

    Thank you,


  • 3 nodes SPP cluster linked to distinct 2 nodes SPS clusters


    i want to ask if this kind of configuration is possible.

    i want to configure an environment made of an SPP cluster (made of 3 nodes).

    Then, i want to link this SPP cluster with multiple SPS clusters made of 2 nodes each.

    Can i link multiple Central…

  • Seeking Solution: SPP Entitlements and User-to-Server Access Mapping Issue

    I've encountered a challenge with entitlements in SPP concerning user-to-server access mapping. With our configuration, individual domain accounts are set up to grant access to particular Windows Servers. However, when a user initiates a new request within…

  • Moving SPP from VM to Azure Datastore

    I have a client with 3 SPP appliances in their VMware setup, and they are looking to migrate to Azure. 

    Their first question is whether or not they would be able to simply move the VMs to a datastore that lives in Azure, and if so what benefits that gives…

  • What is the web Framework service running on both SPP & SPS appliances?

    Dear Gents,

    What is the web Framework service running on both SPP & SPS appliances? 

  • Error "Specify either an Account by ID or credentials, not both"

    Hi Everyone,

    While trying to add a domain user in SPP, the appliance keeps loading for users from AD but fails to find the user. Upon checking the AD integration for connection, it consistently gives an error stating, 'Specify either an Account by ID…

  • How to view description of a account/password once it is has been requested in One-Identity SPP?

    We are facing an issue where users have requested to view the account/password description once it has been requested via "My requests"? Is there any way to view it?

    The description to an account is only visible when we make a request and it…

  • End of Life for Safeguard 2000 Physical Boxes?

    Hello Experts,

    When's end of Life for Safeguard 2000 Physical Boxes? We want to refresh our environment but analyzing options to make it future proof. is it recommended to move to new Safeguard 3000 boxes?


    Osman Yousuf

  • Check password fails


    we're checking various accounts passwords. The check seems to work only with passwords that follow AD password policies.

    In our case there is an account with a simple password that doesn't follow those policies, but still the password is set…

  • Remote session from spp to SPS(webinterface)

    Hi everyone,

    i want to remote access my spp appliance via sps. (The webinterface)

    I saw that there is an sps platform in the asset creation, but i cant connect.
    Please tell me how to fill the parameters.