Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

NOTICE! We are upgrading our support telephone services, implementing Genesys, starting the week of May 26, 2025

Cloud Access Manager 8.1.2 - Configuration Guide

Table of Contents

Configuring a front-end authentication method

Microsoft® Active Directory® authentication Configuring smart card authentication LDAP authentication Microsoft® Active Directory® LDS 389 Directory Service Novell® eDirectory™ Windows Azure™ Active Directory® authentication SAML federated WS-Federated Social authenticators Integration with password management applications Primary credentials Configuring user front-end authentication method selection

Adding a web application

Integrated Windows Authentication

Further considerations

Form fill authentication

Further considerations

Configuring Single Log Out (SLO) for proxied applications

Proxy-less form fill authentication

Further considerations

SAML federation Configuring advanced SAML token settings Configuring advanced WS-Federation token settings OpenID Connect/OAuth 2.0 Manual user provisioning HTTP basic authentication

Further considerations

HTTP header value No back-end SSO

Further considerations

Exporting an application configuration template Forwarding claims to federated applications Adding HTTP headers to proxy applications

Configuring step-up authentication

Configuring front-end authenticators

RADIUS server Smart card Defender as a Service

Configuring each application Configuring for external users Configuring Defender as a Service with Cloud Access Manager

Purchasing a subscription Defender as a Service Dashboard

Using Dell's Security Analytics Engine Enabling Dell's Security Analytics Engine Configuring Cloud Access Manager to use Dell's Security Analytics Engine for access control

Managing your SSL certificate

Obtaining a signed certificate Replacing an expiring certificate Installing a fully signed certificate from a certificate archive file Installing a certificate authority certificate

Changing the Cloud Access Manager service account password

Cloud Access Manager IIS Application Pool Dell Redistributable Secure Token Server Front-end authenticators

Audit report Admin audit report Application usage report Users report Role access report

Customizing Dell™ One Identity Cloud Access Manager

Configuring each application

Configuring step-up authentication for an application is a two stage procedure. The:

•

Front-end authenticator must be configured to support two factor authentication

•

Application must be configured for step-up authentication.


	NOTE: If multiple front-end authenticators are configured, step-up authentication is only available for users who authenticate with front-end authenticators that have two-factor authentication configured.

To configure the front-end authenticator for step-up authentication

1

Navigate to the Front-end Authentication page and click the name of the authenticator that you want to configure.

2

Click the Two Factor Authentication tab.

3

Select Use two factor authentication for specific applications.

4

Configure the RADIUS connection settings if not already configured, please refer to Configuring a front-end authentication method for further information.

To configure the application for step-up authentication

1

Navigate to the Applications page and click the name of the application that you want to configure.

2

Click the Two Factor Authentication tab.

3

From the list, select the users who will require two factor authentication to access the application. This will be either:

•

All users of this application require two factor authentication, or

•

Roles determine which users require two factor authentication.

4

If you are configuring role based access, select the required roles from the Standard authentication roles list and click Add Role to add the role to the list of Two factor authentication roles.

Configuring for external users

Two factor authentication may also be applied only for external users. In this context, external users are defined as users whose IP addresses do not fall in the following ranges:

•

10.0.0.0 - 10.255.255.255

•

172.16.0.0 - 172.31.255.255

•

192.168.0.0 - 192.168.255.255

Two factor authentication for external users may be configured either to apply to all applications, or it can be configured on a per application basis.

To configure two factor authentication for external users for all applications

1

Navigate to the Front-end Authentication page and click on the name of the authenticator that you want to configure.

2

Click the Two Factor Authentication tab.

3

Select Use two factor authentication for all applications for external users only.

4

Configure the RADIUS Connection Settings if not already configured, please refer to Configuring a front-end authentication method for further information.

To configure two factor authentication for external users for specific applications

1

To configure the front-end authenticator follow the steps in To configure the front-end authenticator for step-up authentication.

2

To configure the application follow the steps in To configure the application for step-up authentication.

3

Select the Only use two factor authentication for external users check box on the application's Two Factor Authentication tab.

Configuring Defender as a Service with Cloud Access Manager

Defender as a Service is a cloud based authentication service that allows users to self-register and access their one time passwords on both mobile and desktop devices.

Purchasing a subscription

If you do not currently have a Defender as a Service subscription please email sales@quest.com or telephone: 1-800-306-9329 for assistance.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center