Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

5.5.3.3 Authentication Method Tab

5.5.3.4 Delegation Tab

The Delegation tab allows you to define delegation permissions, which authorize users to delegate their SSO account so that it can be used by other users.
Limit delegation duration to x days check box
Allows you to set the maximum number of days of application delegation.
Authorize delegation to all users check box
Authorizes delegation to all users of the application.
Authorize delegation to members of the same group check box
Authorizes delegation to all users of the same group.
Authorize delegation to members of the same organization entity check box
Authorizes delegation to all users of the same organization.
Advanced mode, list users/groups/organizational entities authorized for delegation check box
Authorizes delegation to a selection of users, groups, organization units.
A user can delegate his/her SSO account from SSOWatch (for details, see SSOWatch Administrator Guide).  

5.5.3.5 IP Address Constraints Tab

The IP Address Constraints tab allows you to set ranges of IP addresses. An Access Point that has an IP address outside the listed ranges cannot perform SSO on the applications associated with this security profile.
The SSO is allowed in offline mode check box is available when at least one IP address range is set. It applies on all the listed IP address ranges. Select the check box to allow the Access Points that have IP addresses inside the listed ranges to perform SSO on the applications associated with this security profile even if they are not connected to the network.

5.5.4 Displaying Application Security Profile Event Logs

The Events tab allows you to display all the events that are directly or indirectly linked to the selected object, for a defined period (the last two days by default). This report contains both user action and administration log entries.
The Events tab only appears if you have the following administration role:
1.
In the tree structure of the Directory panel, select the wanted application security profile.
2.
Click the Events tab.
The Events tab appears.
3.
In the Filter area, define a period of time to filter the log entries and click Apply (for more information on event logs see Section 15.3.4, "Applying an Audit Filter").
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating