Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Adding or removing a user from a group

Subject

The console allows you to add or remove users and access points from groups directly through the interface, without using a third-party group management console.

You can perform this task in two ways:

IMPORTANT: You must use this feature only with groups carrying Enterprise SSO data.
Before starting
  • You have delegated the task Modify the membership of a group to the Organization for which you want to manage group memberships. For more details, see One Identity EAM Installation Guide.
  • You have the right Group: Add/Remove member in your administration profile (the management of administration profiles is described in Section Managing Administration Profiles).

Procedure#1

  1. In the tree structure of the Directory panel, select the wanted user.
    • The Information tab appears.

  2. Use the Add and Remove buttons to add or remove the user to/from a group.

Procedure#2

  1. In the tree structure of the Directory panel, select the wanted group.
    • The Information tab appears.

  1. Use the Add user and Remove users buttons to add or remove the user to/from a group.

Managing access points

Subject

This section describes the operations specific to access point administration. The definition of the Access Point object and its relationships with the User and Application objects are described in Section Enterprise Access Management Concepts.

Before starting
  • Access points are included in the EAM administration domain only if the following conditions are met:
    • The access point belongs to the reference domain.
    • The EAM clients must be installed on the workstations included in the EAM administration domain.

      IMPORTANT: Only the workstations on which the EAM client is deployed appear in the tree structure (Directory panel).
  • If you want to assign several access point profiles, sort the workstations according to the organizations (organizational units) in which they are located. If necessary, use the tree structure to define specific parameters in the security policy.

    NOTE: These tasks must be carried out directly in your LDAP directory, using the appropriate tools. .
  • If you are working in "no access point management" mode, the access point clients do not appear in the directory tree.

    NOTE: If you are using Active Directory, access points appear in the tree but cannot be modified.

In this section:

Displaying general information about the access point

Displaying general information about the access point

Subject

You can display access point general information. This data is retrieved from the installation of the EAM client and from the LDAP directory.

Procedure

  1. In the tree structure of the Directory panel, select the wanted access point.
  2. Click the Information tab.

    NOTE:

Defining access point configuration parameters

In this section:

Related Documents