This tab allows you to configure the Multi-User Desktop feature for workstations associated with the security profile.
|
NOTE:
|
The workstations running Multi-User Desktop must meet the following requirements:
Item |
Description |
Full screen mode
Background color |
In full screen mode, the multi-user desktop welcome screen covers the full screen in order to hide the desktop. You can customize the background color of the welcome screen (white by default). |
Transparent mode Lock keyboard and mouse Move information window Information window is resizable |
In Transparent mode, the multi-user desktop welcome screen appears at the center of the desktop. When this radio button is selected, the following options are available:
|
Always display windows of these processes |
When switching between 2 different user’s session, Multi-User Desktop hides or terminates the applications (and associated processes) that must not be used by the authenticated user and shows the approved applications. Complete this field to specify processes that are not managed by Multi-User Desktop: the applications running from the listed processes remains active and can be used by any authenticated users. The processes must be separated by commas, as in the following example: AlertMgmt.exe, word.exe Notes: By default, the following applications are not managed by Multi User Desktop: Multi User Desktop itself. Enterprise SSO. Windows task manager. To activate this option for all running applications, enter the * character in the process field. The windows of the running applications will always be displayed. |
Allow reboot |
Select this option to display a Reboot button in the welcome screen, which allows users to restart the workstation. |
Show help URL |
Select this option and complete the field with an URL to an help page in order to display in the welcome screen a link to the help URL. |
Automatically disconnect users after <x> seconds
Users can disconnect manually
Show count down for last <x> seconds before lock |
Specifies how much user idle time must elapse before the Windows session automatically locks. Enter 0 to disable this feature. You can allow users to lock their session. When this option is selected, the Disconnect command is available from the Multi User Desktop icon displayed in the workstation notification area and from the tool bar if you have selected this display mode (for more details, see Authentication Manager Session Management Administrator’s Guide). If the Show count down for last <x> seconds before lock option is selected, a countdown clock automatically appears on the workstation desktop at the specified time. When the countdown hits zero, the session is locked. |
Automatically logoff users after <x> seconds
Users can logoff manually |
Specifies how much time must elapse after the lock of the workstation to automatically log off. Enter 0 to disable this feature. You can allow users to logoff. When this option is selected, the Logoff command is available from the Multi User Desktop icon displayed in the workstation notification area and from the tool bar if you have selected this display mode (for more details, see Authentication Manager Session Management Administrator’s Guide). |
Maximum concurrent sessions |
Maximum number of Windows sessions managed by the Multi User Desktop feature. When a new session is opened whereas this limit is reached, the oldest locked session is automatically closed. Enter 0 to disable this feature. |
Allow biometrics enrollment |
This option is selected by default to allow users who can authenticate using their biometric data but who have not yet enrolled their fingerprints to registered their fingerprints when they log on the Multi User Desktop workstation for the first time. |
Show infos |
Select this option to display information on the chosen location (as an overlay on the wallpaper or on a toolbar located at the top of the screen). To customize the available information, see Security Services Tab. |
This tab allows you to configure biometric parameters on workstations on which it is used.
To configure the parameters described in this section, you must work in advanced administration mode, and your role must contain the following administration right: "Bio: Is enable to allow biometrics pattern enrollment".
|
NOTE: For more information on administration roles, see Section Managing administrators. |
False accepted rate (read the instructions displayed in the area).
|
NOTE: This option applies to the Precise Biometrics middleware and to the UPEK middleware. For the UPEK middleware, the false accepted rate value sets the severity level used when matching fingerprints. 5 levels are supported:
|
Option name |
Description |
Servers |
This area displays the list of the password reset servers you want to use. The position of servers in the list corresponds to the working order (if the first server does not respond, the second one is tested, and so on). |
Remove button |
This button removes the selected server from the server list. |
Add button |
Type a server address in the field and click this button to add it to the list. |
This tab allows you to modify the detection areas of RFID tokens. For more information, see Section Modifying the detection areas and the grace period.
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy