Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

6.2.2.2 Displaying User Authentication Information and Administering Roaming Sessions

The user Authentication tab allows you to:
1.
In the tree structure of the Directory panel, select the wanted user.
2.
In the Connection tab, click Authentication.
The Authentication tab appears.
The roaming session duration.
The
Delete roaming session button allows you to delete the current roaming session to force the user to authenticate again at next session opening. It also allows you to disable the roaming session in case the user has lost his/her physical token.

6.2.2.3 Predefine a New User's Primary Password

The Password tab allows you to preset the user's primary password without the user losing this recoverable SSO data.
1.
In the tree structure of the Directory panel, right-click the wanted user and select Force Password.
The Password tab appears.
a)
In the New password and Confirmation fields, type the new user primary password and click Apply.
b)
Click the Generate button to automatically generate the user’s password and click Apply.
a)
Fill-in the New password and Confirmation fields.
b)
Select the User can connect using password authentication check box and click Apply.
c)
To extend the TPA duration, clear the User can connect using password authentication check box and create a new one.

6.2.2.4 Managing User SSPR

The Self Service Password Request tab allows you to display and manage the password and PIN reset feature information for a user. You can perform the following operations:
1.
In the tree structure of the Directory panel, select the wanted user.
2.
In the Connection tab, click Self Service Password Request.
To reset to 0 the password attempts for the user, click the Reset button (works only in connected mode).
The Unlocking code window appears.
a)
Follow the instructions displayed on screen and in User challenge, type the challenge the user gave you.
b)
Click the Generate button.

6.2.2.5 Defining an Audit Identifier

1.
In the tree structure of the Directory panel, select the wanted user.
2.
Click the Connection tab.
3.
In the Audit identifier area, modify the identifier.
4.
Click Apply when done.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating