Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

6.1.1.2 Creating an Application Using Templates

Quest ESSO Console allows you to use templates to create SAP and Windows application objects. The Template Application item allows you to create an application object with a number of pre-defined parameters. They should be used for specific authentication scenarios. The predefined template applications are:
1.
In the tree structure of the Directory panel, right-click the Organizational Unit that must contain your application and select New/Template-based Application/Windows.
The Windows Application window appears.
3.
1.
In the tree structure of the Directory panel, right-click the Organizational Unit that must contain your application and select New/Template-base Application/SAP.
The SAP application window appears.
3.

6.1.2 Defining the General Properties of an Application

1.
In the tree structure of the Directory panel, select the wanted application.
2.
In the Configuration tab, click the General tab.
The General tab appears.
Click the button to change the Timeslice used by the application.
To display the selected Timeslice parameters, click
Audit area:
You can assign an audit filter to the application to generate only relevant audit events: see
Section 15.3.4.2, "Assigning an Audit Filter to Specific Objects".
4.
Click Apply.

6.1.3 Creating the Account Properties of an Application

6.1.3.1 Defining Account Base Parameters

The Account Base tab allows you to define common bases of Accounts for several applications.
1.
In the tree structure of the Directory panel, select the wanted application.
The Account Base tab appears.
4.
Click Apply.
a)
Check box cleared:
The application standard account is used to perform SSO on the selected application.
b)
Check box selected:
The primary account (the user name and password that the user types to open his Windows session) is used to perform SSO on the selected application.
Short name: username only.
Windows 2000 (and later): username including the Windows domain, for instance: jsmith@quest.com.
NT 4: username preceded by NETBIOS domain, for instance: QUEST\jsmith.
Related Documents