Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Audit Tab

The Audit tab allows you to assign an audit filter to the user security profile.

To assign an audit filter, see Section Applying an audit filter to specific objects.

Local Administrators Tab

Subject

The Local Administrators tab allows you to enable users to log an as local administrators on a set of workstations using their mobile device. For a complete description of this feature, please refer to QRentry User’s Guide.

Tabbed panel description

  1. In the Group area, use the Add and Remove buttons to list the Active Directory groups that contain the members who will have the permission to use the local administrator account.

    NOTE:

    • You can use the same group for several access point security profiles.

    • You can remove a several groups at once using the Ctrl and Shift keys.

  1. Create a local administration access role using the Manage button.

    NOTE: Each role is associated with a local administration key pair. This is why you must create at least one role for the selected access point security profile.
  1. Set the length of the one-time code that is generated to provide the local administration access.

Displaying Access Point Security Profile Usage Logs

Subject

The Applies to tab enables you to display the list of access points that are directly linked to the selected security profile.

Procedure

  1. In the tree structure of the Directory panel, select the access point security profile for which you want to display usage.
  2. Select the Applies to tab.
    • The list of access points linked to this security profile appears.

  1. Double-click an access point to go directly to its profile.

Displaying Access Point Security Profile Event Logs

Subject

The Events tab allows you to display all the events that are directly or indirectly linked to the selected object, for a defined period (the last two days by default). This report contains both user actions and administration actions log entries.

Restriction

To perform the task described in this section, you must have at least the following administration role:

In classic administration mode: "Auditor".

In advanced administration mode, your role must contain the following administration right: "Audit: Visualization".

NOTE: For more information on administration roles, see Section Managing administrators.

Procedure

  1. In the tree structure of the Directory panel, select the access point security profile to audit.
  2. Click the Events tab.
    • The Events tab appears.
  1. In the Filter area, set a period of time to filter the log entries and click Apply (for more information on event logs see Section Managing audit events).
Related Documents