I’m using One Identity PAM with both SPP and SPS components. I recently added a new domain () to the environment. SPP can successfully discover servers and accounts from the new domain, but SPS is unable to resolve the FQDNs of those servers.
Here…
I’m using One Identity PAM with both SPP and SPS components. I recently added a new domain () to the environment. SPP can successfully discover servers and accounts from the new domain, but SPS is unable to resolve the FQDNs of those servers.
Here…
Hello,
I have an internal IIS website that uses the "Windows authentication" NTLM method for login authentication, and I need to configure it as a remote app. However, when I attempt to do this, the login flow fails, the credentials are not injected properly…
Hi all.
Let's say an application uses SPP SaaS password vault in order to consume and rotate service account passwords.
What happens if there is a network/internet issue and the application cannot reach SPP SaaS? The application is still working since…
Dear Community,
I'm currently working with a Safeguard environment running version 8 LTS. We have a scenario where a user accesses an SSH asset using their username and an SSH private key without a password.
During asset onboarding, I added the SSH…
Hi,
We are trying to rewrite the account name that are used when logging in to a server, as we are planning to implement SRA and prefer personal user accounts.
When a user is requesting a root account we have crated a aa plugin that looks for a requestable…
Hi,
soon we will need to migrate the configuration from a 3 node SPP cluster that is virtualized to a 3 node hardware cluster.
Sticking to documentation, this migration is not possible (but it is if done the other way), so i would like to ask: is there…
Hi,
i was wondering how does the LDAP Filter on Assets Discovery does work.
The use case is to exclude a specific sub-OU from the discovery but the filter seems only responding to parameters like CN, Description, IP, ecc....OU= is not among them.
Would…
Hi,
some users when logging in SPP via MFA need to do the procedure 2 times before going into SPP console.
So they access SPP via the HTTPS link, log in the first time, gets redirected on the login page, login again and this time they can get into the…
Hi,
recently we have been experiencing a problem with Domain Service Accounts to manage Directory Accounts on SPP.
Seems like that minimum privileges are not enough to change and verify directory account secrets. It only works when the service account…
Hello everyone,
i'm trying to integrate DB ans SPS, and the aim is to let user access the db with the domain credentials, connected with SPS/SPP. I'm using a trasparent configuration, so I need a jump host server, where I already installed most of…
Hi all,
I am configuring an onDemand environment with 2 different connection policies on SPS for both RDP and SSH.
The 2 SSH policies use port 22 and 2223 to determine which connection needs to be used.
On SPP i am configuring an SSH asset with SSH…
Hi all,
i need to change the field "Session Port" for around 200 assets. I have been trying doing it by CSV import, but seems like it is not meant for updates.
Is there a way to modify the field in mass? Otherwise is the only solution modifying…
When the SPP Audit logs are archived, Audit Logs are stored in the Archive server and removed from the Appliance.
Do we have an app/reader that can process the Archived SPP Audit logs? the archived audit logs are in JSON format and it's a lot of columns…
Dear Community,
We are integrating SPP with our IBM QRADAR SIEM solution and would like to understand which events from the Access Request Workflow can be forwarded to the SIEM. I have attached a screenshot where the SIEM team has pulled information from…
Hello,
we currently have an SPS cluster and an SPP cluster linked together. We need to upgrade the appliances; is it possible to do this without causing cluster downtime, or will the sessions not be functional?
Thank you
Hello all.
I have been trying to automate asset creation on my SPP solution, and my goal is to have the appliance automatically generate and deploy the SSH key for the service account.
I am able to generate correctly the asset (and the related accounts…
when trying to change AD managed user password I got an error
Connecting with asset AD Server(xxxxxx).
Looking up user information for XXXX.
Changing password for account XXXX.
Connecting to asset AD Server (xxxxxxx) failed with error: The filename…
Dear Team,
Are there any implementation activities questioners for new implementations including all systems prerequisites and required user privileges from different managed systems?
Good morning guys, do you know if it is possible to bring the server name instead of the IP when doing network discovery? DNS is working ok.
Dears,
I am integrating SPP with a machine that has the ArbOS operating system (A proprietary operating system created by Netscout). However, after contacting support, I knew that the initial shell that open when someone tries to login to the server is…
Hi,
i was wondering if there is a best practice that permits a client to transfer all the data from one appliance to another, even from different types of environments (i.e from onPrem to onPrem, from onPremo to onDemand, from onDemand to onDemand)
Lets…
I'm curious to know exactly how the scheduling of Discovery Jobs works, and if it can be predicted when a job will run in a massive environment.
I'm working with a customer that has some 100k Assets just to give an idea of the scale. When we schedule…
Hi Community,
I have a Safeguard Privileged Password (SPP), created AD users as SPP users so they can request a password to access the RDP session to joined domain Windows Servers, respectively the can you use account for access the assets (joined domain…