Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

6.2.11 Displaying and Deleting User Biometric Data

The Biometrics tab displays information about the user biometric data enrolment, and allows you to remove enrolment biometric data from the controller.
Bio: Is enabled to allow biometrics pattern enrolment: this right allows you to display and remove biometric data from the controller, and allows users to enroll their biometric data (see Section 5.3.2.5, "Biometrics Tab").
1.
In the tree structure of the Directory panel, select the wanted user.
2.
Click the Biometrics tab.
The Biometrics tab appears, displaying user’s biometric data, as described in the following Window Description section.
Provider field
You must have the right Bio: Is enabled to allow biometrics pattern enrolment to use this button

6.2.12 Assigning Applications to a User

1.
In the tree structure of the Directory panel, select the wanted user.
2.
Click the Application Access tab.
The Application Access tab appears.
Select Show inherited access to display all the applications inherited from the parent groups and organizational units.
Click Add to select applications to assign to the selected user, then fill in the Access properties area and click Apply.
For more details on the Access properties area, see the sub-section just below.
At any time, you can click the
Edit and Remove buttons to modify or delete entries of the Access list.
The Access properties area allows you to define how users access the application using the following parameters:
Account Type: this drop-down list allows you to select between the following entries the Account type used by the user:
Format: If you select the primary account type, select in this drop-down list the format of the Windows user name (user name preceded by NETBIOS domain or including Windows domain for example).
Application profile: if you have defined several application security profiles at application level, you can specify the profile to be used for this access.
Role: if the user has access to various accounts for the selected application, you must assign different roles to these accounts using the Manage button.
Users can create additional accounts: select this option to authorize the user to create as many accounts as he/she wants.

6.2.13 Displaying Delegated Sessions

The Session Delegation tab allows you to display the list of delegations concerning the selected Cluster user.

6.2.14 Managing User RFID Tokens

The RFID tab allows you to assign, lock or unlock, send into a blacklist and delete, or display information on the RFID tokens of a user. For details on how to manage tokens through this tab, see Section 10., "Managing RFID Tokens".
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating