Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

6.2.15 Displaying User Event Logs

The Events tab allows you to display all the events that are directly or indirectly linked to the selected object, for a defined period (the last two days by default). This report contains both user action and administration log entries.
If the selected object is a group of users, an organizational unit or a directory, the default events displayed are only related to the group, organization or directory, and the events related to its members are not available.
Audit population area of the Events tab allows you explicitly mark the group, organization or directory for audit, so that audit events on objects members of the group, directory or organization can also be displayed.
The Events tab appears only if you have at least the following administration role:
In the tree structure of the Directory panel, select the wanted user.
Click the Events tab.
The Events tab appears.
In the Filter area, define a period of time to filter the log entries and click Apply (for more information on event logs, see Section 15., "Managing Audit Events").

6.2.16 Deleting SSO Data of Disabled User Accounts

The Quest ESSO software license is based on the number of active users, which are all the user accounts (enabled and disabled) with SSO data.
In the File menu, click SSO & Active Directory disabled account.

6.2.17 Adding or Removing a User from a Group

Quest ESSO Console allows you to add or remove users and Access Points from groups directly through the GUI, without using a third-party group management console.
From a selected group, as detailed in Procedure 2 below.
In the tree structure of the Directory panel, select the wanted user.
The Information tab appears.
Use the Add and Remove buttons to add or remove the user to/from groups.
In the tree structure of the Directory panel, select the wanted group.
The Information tab appears.
Use the buttons to Add user or Remove users to add or remove the user to/from the selected group.

6.3 Managing Access Points

Access points are only included in the Enterprise SSO administration domain if the following conditions are met:
The workstation is included in the Quest ESSO operating environment in the reference LDAP directory domain.
The Quest ESSO client must be installed on the workstations included in the Quest ESSO administration domain.
Only the workstations on which the Quest ESSO client is deployed appear in the tree structure (Directory panel). 
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating