Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - Authentication Manager Cluster Administration Guide

Preface Overview Administering Clusters From EAM Console Managing a Cluster from your Workstation Managing Session Delegation

Preface

Preface

Subject

This guide explains how to configure and use the Cluster feature.

Audience

This guide is intended for:

  • EAM (Enterprise Access Management) administrators who know how to use EAM Console.

  • End-users.

Required Software

EAM 9.0 evolution 2 and later versions. For more information about the versions of the required operating systems and software solutions quoted in this guide, please refer to One Identity EAM Release Notes.

Typographical Conventions

Bold Indicates:

  • Interface objects, such as menu names, buttons, icons and labels.
  • File, folder and path names.
  • Keywords to which particular attention must be paid.

 

Italics - Indicates references to other guides.

 

Code - Indicates portions of program codes, command lines or messages displayed in command windows.

 

CAPITALIZATI ON Indicates specific objects within the application (in addition to standard capitalization rules).

 

< > Identifies parameters to be supplied by the user.

 

Warning: A WARNING icon indicates a potential for property damage, personal injury, or death.

 

Caution: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed.

 

IMPORTANT, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information.

Documentation support

The information contained in this document is subject to change without notice. As our products are continuously enhanced, certain pieces of information in this guide can be incorrect. Send us your comments or suggestions regarding the documentation on the One Identity support website.

Overview

The Cluster mode is intended to employees who have on their desk several computers and need to use them simultaneously. This function is particularly used in financial institution trading rooms or control rooms.

The cluster mode can be combined with Session Management functionalities. For details, see Authentication Manager Session Management Administrator’s Guide.

Cluster of Access Points - Mechanism

Definitions

A cluster of access points is a set of computers on which the Windows sessions are synchronized by EAM. Operations that a user performs on the Windows session (opening, closing, locking, unlocking) of a computer that belongs to the cluster are automatically and simultaneously performed on all the other computers that form the cluster, as illustrated in the following figure:

Figure 1: Cluster of Access points

The number of workstations you can include in a cluster is not limited.

In a cluster of access points, the computer on which the user performs an operation on the Windows session is called the master computer. The same action is simultaneously performed on the other computers of the cluster, called slaves.

IMPORTANT: An EAM Controller does not work in Cluster mode.

 

Behavior of Workstations Included in a Cluster

When a user performs an operation (opening, closing, locking, unlocking) on a computer, this computer becomes the master computer and periodically informs the slave computers of the operation performed. This allows the management of slave computer behaviors.

  • Session Opening/Session Unlocking
    • The cluster function is compatible with all available EAM authentication methods (password, smart card, passive and active RFID, biometrics).
      When a user opens a session on a computer of the cluster, all the sessions of other computers of the cluster open with the same user account.
    • If a slave computer is not reachable at session opening on the master computer, the session opening operation on this slave computer will be performed as soon as the network is restored.
    • If a slave computer restarts, and if the last operation performed on the master computer is a session opening, a session will be opened on this slave computer as soon as it is available.
    • If the session of a slave computer is locked by another user, the session is unlocked only if the Fast User Switching (FUS) option is activated for the user (for more details on FUS, see One Identity Authentication Manager Session Management Administrator’s Guide).
      If a user performs a FUS on a computer, all the other computers of the cluster perform the FUS.
    • If an "Excluded Account" opens a session on a computer that is part of the cluster, this computer is automatically excluded from the cluster.
      For more information on excluded accounts, see One Identity EAM Console Administrator's Guide.
  • Session Locking
  • Session Closing

    When the user closes a computer, all the other computers of the cluster are closed

    NOTE: A slave computer can only accept orders from the master computer if they are compatible with its current session. For example, if a user locks a computer session while all the other cluster computer sessions are closed, these sessions will remain closed.

  • Screensaver

    When a computer screensaver is activated, the computer is not locked. It becomes locked at the end of the screensaver period: it then becomes the master and locks all computers of the cluster.
    You must configure the screensaver according to the wanted computer behavior.

  • Reboot

    The user can decide to reboot one or several workstations of his/her choice or the whole cluster at once.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents