Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

IP Address Constraints Tab

The IP Address Constraints tab allows you to set ranges of IP addresses. An access point that has an IP address outside the listed ranges of IP addresses cannot perform SSO operations on the applications associated with this security profile.

The SSO is allowed in offline mode check box is available when at least one IP address range is set. This check box applies on all the listed IP address ranges.
Select this option to allow the access points that have IP addresses inside the listed ranges to perform SSO on the applications associated with this security profile even if they are not connected to the network.

NOTE: To enable the offline mode, the user must have performed SSO on the application at least once from his/her workstation.

Displaying Application Security Profile Usage Logs

Subject

The Applies to tab enables you to display the list of applications that are directly linked to the selected security profile.

Procedure

  1. In the tree structure of the Directory panel, select the application security profile for which you want to display usage.
  2. Select the Applies to tab.
    • The list of applications linked to this security profile appears.

  3. Double-click an application to go directly to its profile.

Displaying Application Security Profile Event Logs

Displaying Application Security Profile Event Logs

Subject

The Events tab allows you to display all the events that are directly or indirectly linked to the selected object, for a defined period (the last two days by default). This report contains both user actions and administration actions log entries.

Restriction

The Events tab only appears if you have the following administration role:

  • In classic administration mode: "Auditor".
  • In advanced administration mode, your role must contain the following administration right: "Audit: Visualization".

NOTE: For more information on administration roles, see Section Managing administrators.

Procedure

  1. In the tree structure of the Directory panel, select the security profile to audit.
  2. Click the Events tab.

    The Events tab appears.

  1. In the Filter area, set a period of time to filter the log entries and click Apply (for more information on event logs see Section Managing audit events).

Renaming Application Security Profiles

Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "Application profile: Creation/Modification".

Procedure

  1. In the tree structure of the Directory panel, right-click the application security profile to rename and select Rename.
  2. Type the new name of the object and press the Enter key.
Related Documents