Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Home Window

The home window is the EAM Console welcome window. It gives access to all available EAM modules.

Some module icons may not be available for the following reasons:

  • The module is not installed.
  • You have not enough administration rights to access a module.

NOTE: The status bar displays the name of the EAM Controller that EAM Console uses.
 

Icon

Description

Gives access to the Directory panel, which allows you to manage all directory objects.

This panel is explained in the following sections of this guide:

Section Searching the Directory Tree .

Section Managing administrators.

Section Managing Security Profiles.

Section Managing directory objects.

Gives access to the Smart Card panel, which allows you to manage smart cards.

This panel is explained in the following sections of this guide:

Section Managing smart cards.

Section Managing SA server devices .

Gives access to the RFID panel, which allows you to manage RFID badges as well as Bluetooth devices.

This panel is explained in Section Managing RFID tokens of this guide.

Gives access to the Biometrics panel, which allows you to display and export the list of users who have enrolled their biometric data.

This panel is explained in Section Managing biometrics of this guide.

Gives access to the Mobile Devices panel, which allows you to manage the mobile devices of the users who are using the QRentry feature.

This panel is explained in Managing Mobile Devices of this guide.

Gives access to the Audit panel, which allows you to audit events.

This panel is explained in Section Managing audit events of this guide.

Gives access to the Reporting panel, which allows you to get reports on application and user accounts.

This panel is explained in Section Managing reports of this guide.

Directory Panel Overview

The graphical user interface (GUI) of the EAM administration console Directory panel is divided in different areas, as shown in the following illustration:

Area

Name

Description

1

Menu bar

The menu bar contains 2 types of menus:

Static menus (File, View and Help), which are always available and always display the same commands.

A dynamic menu (Directory in the above illustration), which displays specific commands depending on the administration panel selected in area 5.

2

Tool bar

The tool bar is dynamic. It displays buttons that are shortcuts to the menu bar items.

3

Tabbed panel

Depending on your administration role and on the selected administration panel, this area displays tabbed panels that allow you to:

  • Manage and stores access rights and user accounts in the LDAP directory (Directory panel).
  • Manage a base of corporate smart carts (Smart Card panel).
  • Manage a base of RFID tokens (RFID panel).
  • Display biometry data (Biometrics panel).
  • Manage mobile devices (Mobile Devices panel).
  • Display audit information (Audit panel).
  • Display reports (Reporting panel).

NOTE: if you are using AD LDS, when selecting an Organizational Unit (OU) the following tabs/features are not available:

  • Security profiles.
  • User Access.
  • Available Applications.
  • Application Access.

4

Directory tree

This area appears in the Directory panel only. It displays your LDAP directory administration perimeter.

5

Navigation bar

This area allows you to switch rapidly between the different administration panels.

Notes:

  • The active panel is shown in a gray circle.
  • Depending on your administration rights, some buttons may be deactivated.

Authenticating to EAM Console and Managing Protection Modes

One Identity provides two protection modes for the EAM security database:

  • Hardware protection mode: EAM protection mode in which encryption keys are protected by cryptographic smart cards. In this mode, smart cards are required to perform administration tasks.
  • Software protection mode: EAM protection mode in which administration keys are protected by a password and, if desired, by smart card. In this mode, smart cards are not required to perform administration tasks.

The protection mode is chosen at installation time, during the primary controller initialization. For more information on installation, see One Identity EAM Installation Guide.

In this section:

Starting/Stopping EAM Console

This section describes how to start or stop EAM Console.

In this section:

Related Documents