Defining the set of access points to represent
Subject
You must select the external access points that you want to be represented by the representative object.
Procedure
In the Configuration tab, in the Represented population area, use the Add and Remove buttons to choose the access points of external domains that you want to be represented by the representative.
In "no-access-point-management" mode, the represented population is everyone of a specific domain. It is not possible to expand the subtree of objects in a domain.
Selecting applications available to the representative
Subject
This section describes how to authorize the represented access point to log on to applications that are not part of their domain.
Before starting
The software corresponding to the application object must be installed on the access point.
Procedure
- Click the Available Applications tab.
- The Available Applications tab appears.
- Click the Add/Remove buttons to select the application that you want to make accessible from external access points.
- To provide more details on the list of available applications, use the following buttons:
- Allow/Forbid
If you have added a group of applications and you wand to forbid one or more application(s) in this group, use the Allow and Forbid buttons.
- Propagation method
If you want to specify an application using the SSO propagation method, you must indicate a technical reference. The technical reference specified on the application is used by default, based on the descriptions in Section Defining the Single Sign-On properties of an application (SSO).
Displaying representative event logs
Displaying representative event logs
Subject
The Events tab allows you to display all the events that are directly or indirectly linked to the selected object, for a defined period (the last two days by default). This report contains both user actions and administration actions records.
Restriction
The Events tab only appears if you have the following administration role:
- In classic administration mode: "Auditor".
- In advanced administration mode, your role must contain the following administration right: "User security profile: Creation/Modification" or "Audit: Visualization".
Procedure
- In the tree structure of the Directory panel, select the representative to audit.
- Click the Events tab.
- The Events tab appears.
- In the Filter area, set a period of time to filter the log entries and click Apply (for more information on event logs see Section Managing audit events).
Renaming representative objects
Before starting
To perform the task described in this section, you must have the following administration role:
- In classic administration mode: "Security object administrator".
- In advanced administration mode, your role must contain the following administration right: "Representative: Creation/Modification".
Procedure
- In the tree structure of the Directory panel, right-click the representative object to rename and select Rename.
- Type the new name of the object and press Enter.