Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Managing users

Subject

This section describes the operations specific to user administration. These apply only to the User object and are related to its primary authentication.

IMPORTANT: If your directory infrastructure is composed of several LDAP domains, the operations related to the users are saved only in the domain where they are done.
Before starting

Before reading the following sections, make sure that the following steps were performed:

  1. Your perimeter in the LDAP directory includes all the users that you have to manage using EAM Console.
  2. Organizational units; groups and users are sorted according to the organization to which they belong.

NOTE: All these tasks must be done using the appropriate LDAP tools, as for example Microsoft "Users and Computers for Active Directory".

In this section:

Displaying general information about the user

Displaying general information about the user

Subject

It is possible to display the general information about the user. This data is imported from the LDAP directory.

Procedure

  1. In the tree structure of the Directory panel, select the wanted user.
  2. Click the Information tab.

Defining user connection parameters

Subject

This section indicates how to specify user's authentication parameters to the created applications.

Before starting

To perform the tasks described in this section, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "User: Modification".

NOTE: For more information on administration roles, see Section Managing administrators.

In this section:

Suspending or limiting temporarily user access

Suspending or limiting temporarily user access

Subject

It is possible to suspend a user's access. When this occurs, that user is notified during the authentication process.

Procedure

  1. In the tree structure of the Directory panel, select the wanted user.
  2. In the Connection tab, click the General tab.
    • The tab appears.

  3. In this panel, you can lock or unlock the user's access, set a date allowing the access and an expiry date to forbid temporarily the access to the user.
  1. Click Apply to validate your modifications.
Related Documents