Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Renaming User Security Profiles

Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "User security profile: Creation/Modification".

Procedure

  1. In the tree structure of the Directory panel, right-click the user security profile to rename and select Rename.
  2. Type the new name of the object and press the Enter key.

Deleting User Security Profiles

Subject

IMPORTANT: If you delete a user security profile used by users, these users will then use the default user security profile.
Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "User security profile: Deletion".

Procedure

In the tree structure of the Directory panel, right-click the user security profile to delete and select Delete.

  • The user security profile is deleted and removed from the directory tree structure.

Managing Access Point Security Profiles

Subject

If you are working in "no access point management" mode, you cannot create access point security profiles, nor manage their priority. In this case, the default access point security profile is used for all access points.

Object definition

Access point security profiles are security objects that define a set of rights and properties that are applied generically to one or more workstations.

Target objects

As mentioned in Section Overview, the access point object refers to a specific computer, a group of users or an organizational unit that contains computers. Thus, access point security profiles can be applied to the following LDAP directory objects (they are listed from the highest to the lowest priority):

  • Computer.
  • Group of users.
  • Organizational Units.

In this section:

Creating/Modifying Access Point Security Profiles

Before starting

First, check that you meet the following requirements:

  • To perform the tasks described in this section, you must have at least the following administration role:
    • In classic administration mode: "Security object administrator".
    • In advanced administration mode, your role must contain the following administration right: "Access point security profile: Creation/Modification".
  • The time slice that will be used by the access point security profile must be created.
  • If you are working in "no access point management" mode, you cannot create access point security profiles.
Procedures

Creating Access Point Security Profiles

  1. In the tree structure of the Directory panel, right-click the organizational unit that must contain your access point security profile and select New\Access Point Security Profile.
    • The tab designed to configure the access point security profile appears.
  1. Fill in the window as described in Section Configuring Access Point Security Profiles and click Apply.
    • The access point security profile appears in the directory tree structure.

Modifying Access Point Security Profiles

IMPORTANT: If you modify an access point security profile already used by access points, your modification applies on all the access points using this security profile.
  1. In the tree structure of the Directory panel, select the access point security profile to modify.
    • The tab designed to configure the access point security profile appears.
  2. Fill in the window as described in Section Configuring User Security Profiles and click Apply.
    • The access point security profile is modified.

 

Related Documents