Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

6.4.1.3 Assigning a User Security Profile to the Inbound Representative Object

The Security and Self Service Password Request tabs are used to compose the part of the profile belonging to the domain of the user.
The Authentication and Unlocking tabs are used to compose the part of the profile belonging to the domain welcoming the user.
1.
Click the Security Profiles tab.
Click the button to display and if necessary modify the selected user security profile.
3.
Click Apply.

6.4.1.4 Selecting the Access Points Available to the Representative

The Access Points tab is only available if Quest ESSO manages access points.
1.
Click the Access Points tab.
2.
Click the Add/Remove buttons to select the access points that you want to be accessible to the selected Representative.
The Allow on all Access Points parameter of the user security profile (see Section 5.3.2.1, "Authentication Tab") associated with the representative has no effect on the accessibility of access points to the selected representative.
Allow/Forbid
If you have added a group of access points and you want to forbid one or more access point(s) of this group, use the Authorize and Forbid buttons.
Modules
To prevent the Representative from accessing some of the software modules installed on the access point (Advanced Login, Quest ESSO Console, SSOWatch module of Quest ESSO or Enterprise SSO Studio), use the Restriction button.

6.4.2 Managing Outbound Representative Objects

6.4.2.1 Creating/Modifying an Outbound Object

1.
In the tree structure of the Directory panel, right-click the Organizational Unit that must contain your Outbound object and select New\Representative.
2.
Click Outbound access and click OK.
The Outbound Object configuration tabs appears
3.
In the Configuration tab, in the Representative area, type the name of the Representative you are creating.
7.
Click Apply.
1.
In the tree structure of the Directory panel, select the Outbound Object to modify.
The Outbound Object configuration tabs appears.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating