Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Renaming Password Generation Policies

Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "Password generation policy: Creation/Modification".

Procedure

  1. In the tree structure of the Directory panel, right-click the PGP to rename and select Rename.
  2. Type the new name of the object and press the Enter key.

 

Deleting Password Generation Policies

Subject

NOTE: If you delete a PGP used by objects of type application, these applications will use the default policy.
Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "Password generation policy: Deletion".

Procedure

In the Directory panel, right-click the PGP to delete and select Delete.

  • The PGP is deleted from the directory tree structure.

Creating/Modifying Application Security Profiles

Before starting
  • To perform the task described in this section, you must have at least the following administration role:
    • In classic administration mode: "Security object administrator".
    • In advanced administration mode, your role must contain the following administration right: "Application profile: Creation/Modification".
  • The Password Generation Policy that will be used by the application security profile must be created.

Procedures

Creating Application Security Profiles

  1. In the tree structure of the Directory panel, right-click the organizational unit that must contain your application security profile and select New\Application Profile.
    • The tab designed to configure the application profile appears.
  1. Fill in the window as described in Section Configuring Application Security Profiles and click Apply.
    • The application security profile appears in the directory tree structure.

Modifying Application Security Profiles

IMPORTANT: If you modify an application profile already used by applications, your modifications apply to all the applications associated with this security profile.
  1. In the tree structure of the Directory panel, select the application profile to modify.
    • The tab designed to configure the application profile appears.
  2. Fill in the window as described in Section Displaying Application Security Profile Event Logs and click Apply.
    • The application security profile is modified.

Configuring Application Security Profiles

Configuring Application Security Profiles

Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "Application profile: Creation/Modification".

Procedure

  1. Type the security profile name.
  2. Define the rules for accessing SSO accounts using the following tabs:

In this section:

Related Documents