Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - SSOWatch Administrator Guide

1 Overview 2 SSOWatch 3 Configuration Editor: Enterprise SSO Studio
3.1 Interface Overview 3.2 Starting and Stopping Enterprise SSO Studio 3.3 Creating or Opening a Configuration 3.4 Configuring General SSO Parameters 3.5 Defining PFCP and Application Profiles 3.6 Defining Application and Technical Definition Objects 3.7 Defining Window Objects 3.8 Testing the SSO 3.9 Exporting or Importing Objects 3.10 Managing Objects in the Tree 3.11 Saving Object Configurations 3.12 Managing Configuration Updates 3.13 Refreshing the Tree
4 The Generic Plug-in 5 The Microsoft Internet Explorer Plugin  6 The SAP R/3 Plug-in 7 Terminal Type Applications 8 The HLLAPI Plug-in 9 Advanced Configuration 10 OLE/Automation Interface Appendix A: Cache Tuning and Asynchronous Update of the Application Data Appendix B: Integrating Care-FX with SSOWatch

3.6.2.4 "Launcher" Tab

The Launcher tab is used to define how SSOWatch may start an application.
Change Icon button
The icon associated with the application, which will be displayed in
SSOWatch.
Application description for user
The application description, which will be displayed in
SSOWatch.
Target
The command line or URL (for web applications), which opens the application.
Start in folder
The directory where the command line should start.
Command line parameters
The SSO parameters to be sent to the command line, if necessary.
The Insert button insert in the command line the item selected in the list (identifier/password).
Authentication methods required if automatic start is used check box and drop down list
Since
SSOWatch can launch applications during session opening, this option enables you to control which applications are launched regarding the authentication method used to log on.
Select the check box and in the drop down list, select the authentication methods required to launch the applications.

3.6.2.5 "Parameters" Tab

Parameters Tab of an Application Object (without Controller)
The Parameters tab allows you to add a list of additional authentication parameters (as Windows Domains or Languages for example). These parameters will enable you to define more fields than simply the couple of fields user name/password of the target application authentication window.
Add button: click this button to add a parameter. The following window appears:
The parameter Windows Domain must be used only with Applications that may use Advanced Login.
To define an External Name for a parameter, select the wanted parameter and click External Name. For more information, see Managing External Names section in the current topic.
Delete button: select a parameter and click Delete.
Properties button:
Select a parameter then click this button to define the properties of the selected parameter.
a)
Description: mandatory description of the parameter for a better understanding.
b)
Parameter type:
Default: the value of the parameter is collected for each SSO account and can be modified by the user.
Global: the value of the parameter is the same for all SSO accounts and is not proposed to the user.
Rule: the value is dynamically defined as a user data function, and cannot be changed.
c)
Value: this is the default value assigned to the parameter. If nothing is entered here, it will be requested at first authentication (data collection) as a function of the parameter type defined previously.
If you have selected Rule in the Parameter type area, between parentheses, get the exact LDAP attribute name (using an LDAP browser) and type it in the Value field. For example, type (mail) to indicate that the parameter value is the user's mail address.
To keep only the first n characters of the LDAP value, use the syntax (attLDAP,n).
Three functions are used to handle LDAP values: UPPER, LOWER and CAPITALIZED. Example: UPPER(mail,10) will return the first 10 characters of the user's mail address in upper case. 
This window appears when you click the External Name button. It allows you to define a mapping between the parameter that you are configuring within Quest ESSO and the name of an external parameter (created using another SSO tool) that must be identified by Quest ESSO.
The Parameters tab allows you to add a list of additional authentication parameters (as Windows Domains or Languages for example). These parameters will enable you to define more fields than simply the couple of fields name/password of the target application authentication window.
The creation of an application is described in Quest ESSO Console Administrator Guide.
Add button: click this button to add a parameter:
The parameter called Windows Domain (which is created upon the installation of Quest ESSO), must be used only without Controller.
b)
To define an External Name for a parameter, select the wanted parameter and click External Name. For more information, see the Managing External Names section in the current topic.
Delete button: select a parameter and click Delete.
Properties button: this button is always disabled.

3.6.2.6 "Application Profile" Tab

By default, every user is authorized to access the application. The Application Profile tab allows you to define the application profile, with an access right granted to all the users by default.
To allow the user to dynamically create new accounts from SSOWatch, select User can create additional accounts.

3.6.3 Defining Advanced Access Rights

Enterprise SSO Studio allows you to define advanced management of access rights, as explained in the following procedure.
The SSO setting by population window is only available in Enterprise SSO Studio used without Controller and LDAP storage mode.
1.
In the Enterprise SSO Studio main window, right-click the application for which you want to define advanced access permissions and click SSO Settings by population.
The SSO Settings by population window appears.
2.
The SSO settings by population window allows you to define the population (user, organizational group or units) that you want to access the application. It is necessary to assign an application profile to each one.
1.
2.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating