Chat now with support
Chat with Support

Please note, you may experience access issues between 6am - 7am Eastern time on Saturday, May 28 2022 due to planned maintenance

Defender 5.11 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Installing administrative templates

To install the administrative templates on Domain Controller

  1. Navigate to %windir%\SYSVOL\sysvol\<DomainName>\Policies directory.
    1. Create a folder PolicyDefinitions and copy the DefenderGroupPolicy.admx file into this folder.
    1. In the PolicyDefinitions folder, create a language specific folder, such as en-US, and then copy the DefenderGroupPolicy.adml file into this folder.
  2. Open the Group Policy Management window (gpmc.msc).
    1. In the left pane (console tree), expand the appropriate forest node, and then expand the Domains node.
    2. Right-click the appropriate domain node, and then on the shortcut menu click Create a GPO in this domain and Link it here.
    3. In the New GPO dialog box, type a name for the GPO being created, and click OK.
  3. Add the Defender Group Policy administrative templates to the GPO you have just created:
    1. In the left pane (console tree) of Group Policy Management, right-click the GPO you have created, and then on the shortcut menu click Edit.

      Group Policy Management Editor opens.

    2. In the left pane (console tree) of Group Policy Management Editor, expand Computer Configuration\Policies\Administrative Templates.

    You can now see One Identity node and Defender sub-node appearing automatically.

 

To install the administrative templates on client computer

  1. Copy the DefenderGroupPolicy.admx file into %windir%\PolicyDefinitions folder directory.
  2. Copy the DefenderGroupPolicy.adml file into %windir%\PolicyDefinitions\en-us directory.

  3. Open the Local Group Policy Editor (gpedit.msc).

    1. In the left pane (console tree) of the Local Group Policy Editor, expand Computer Configuration\Administrative Templates.

You can now see One Identity node and Defender sub-node appearing automatically.

Configuring administrative templates

To configure settings for administrative templates

  1. Open the Group Policy Management Editor (gpedit.msc).
  2. On the left pane, select Computer Configuration\Administrative Templates\One Identity\Defender.
  3. In the right pane, double-click the setting you want to configure.

The DefenderGroupPolicy.admx file provides the following settings:

Temporary Responses setting

You can use this setting to set a maximum limit on the expiry time for temporary helpdesk token responses. By default, status of these settings are not configured.

To enable this setting

  1. Open the Temporary Responses setting.
  2. Click Enabled.
  3. From the Maximum expiry time drop down, select the maximum length of time that a temporary helpdesk token response can remain valid.

NOTE: Now when you assign a temporary helpdesk token response to a user, the maximum expiry time for the response is set to the value defined by this setting.

  1. Click OK.

Active Roles Web Interface - Token Programming setting

You can use this setting to select the token types and token programming modes you want to make available for programming through the Active Roles Web Interface.

To enable this setting

  1. Open the ActiveRoles Web Interface - Token Programming setting.
  2. Click Enabled.
  3. Under Token Types and Token Programming Modes sections, select one or more token types and token programming modes to make it available for programming through the Active Roles Web Interface.
  4. Click OK.

 

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating