Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

5.4.2.3 QESSO SSOWatch Tab

All the access points associated with this security profile can run the Quest ESSO Console software module if installed.
Show QESSO SSOWatch icon in the task bar
This combo box allows you to define the frequency (in ms) used by SSOWatchmodule of Quest ESSO to scan the workstation Windows desktop to detect the presence of authentication windows.
Do not lock QESSO SSOWatch on smart card withdrawal
Show QESSO SSOWatch launcher in foreground

5.4.2.4 Multi-User Desktop Tab

Neither Advanced Login nor Integration with Windows Authentication is installed.
In Opaque mode, the Multi User Desktop welcome screen covers the full screen in order to hide the desktop.
In Transparent mode, the Multi User Desktop welcome screen appears at the center of the desktop.
Lock keyboard and mouse: select this option to force users to authenticate using tokens or biometrics.
Move information window every: by default, the welcome screen moves clockwise on the workstation’s desktop every 5 seconds. You can either change this value or select Manually to allow users to move the welcome screen using the keyboard (even if Lock keyboard and mouse is selected). The following keys move the window (Left arrow, right arrow, up arrow, down arrow, Home, End, Page up and Page down). For more details, see Session Management Administrator Guide.
Information window is resizable: select this option to allow users to change the size (and the displayed items) of the welcome screen using the plus (+) and minus (-) keyboard keys.
Example: AlertMgmt.exe; word.exe.
Select this option to display a Reboot button in the welcome screen, which allows users to restart the workstation.
Enter 0 to disable this feature.
You can allow users to lock their session. When this option is selected, the Disconnect command is available from the Multi User Desktop icon displayed in the workstation notification area (for more details, see Session Management Administrator Guide).
If Show count down for last <x> seconds before lock is selected, a countdown clock automatically appears on the workstation desktop at the specified time. When the countdown hits zero, the session is locked.
Enter 0 to disable this feature.
You can allow users to logoff Windows. When this option is selected, the Logoff command is available from the Multi User Desktop icon displayed in the workstation notification area (for more details, see Session Management Administrator Guide).
Enter 0 to disable this feature.
Select this option (and check that on wallpaper is selected in the drop-down list) to display information on the Windows desktop of the workstation. To customize the available information, see 5.4.2.1 Security Services Tab.

5.4.2.5 Biometrics Tab

Check box selected: local cache biometric data will be deleted if it has not been used after a defined number of days.
Check box cleared: local cache biometric data is never deleted.
Check box selected: to log on to the computer, users must place their finger in the scanner and then click OK in the Advanced Login welcome screen.
Check box cleared: to log on to the computer, users only have to place their finger in the scanner. the validation is automatic.

5.4.2.6 Self Service Password Request Tab

Remove button
Add button
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating