Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Deleting cluster

Subject

This section describes how to delete a cluster of access points.

Before starting

To perform the task described in this section, you must work in advanced administration mode, and your role must contain the following administration right: "Cluster: Deletion".

NOTE: For more information on administration roles, see Section Managing administrators.
Procedure

In the tree structure of the Directory panel, right-click the cluster to delete and select Delete.

  • The cluster is deleted and removed from the directory tree structure.

Selecting a domain controller

Subject

If, when you modify an object in the directory, the domain controller on which the modification is done is not the same domain controller as for the user workstation, the user will have to wait for the replication to be completed between all the domain controllers (for more information on domain controllers, see Section Overview).

With EAM, this occurs for example when an administrator sets a new password to a user account. The new password is immediately replicated (this is a special feature of the Active Directory replication process). But for EAM, the new password implies a new key for this user (computed from his/her password) used to cipher the user SSO data. The replication of the SSO data modification follows the normal replication process, which can take hours to reach the user site.

The following procedure explains how to select the domain controller to work on.

Procedure
  1. Click File\Change Directory Server.
    • The domain controller selection window appears.
      By default, this window proposes the list of the domain controllers from the site on which the EAM administration controller is installed.

  2. To add another domain controller, read the displayed instructions and click the Search button.
    • If you have entered a computer or server name in the Server or computer name field, all the domain controllers matching the search criteria are listed.
      If a computer name is matching the search, all the domain controllers of the computer site are listed.
  3. Select the domain controller you want to work on and click the Select button.
    • The new domain controller will then be used for all the administration tasks, until you close EAM Console, or select another server.

 

 

Importing/Exporting security profiles and directory objects

This section explains how to export objects located in the tree structure of the directory in an XML file from EAM Console, and how to import this file into the directory.

You can export/import all the objects that are created using EAM Console, and technical references (created with SSO Studio) associated with applications.

In this section:

Exporting objects from EAM Console

Subject

This section explains how to export objects from EAM Console.

Procedure

  1. In the tree structure of the Directory panel, right-click the object or the organization that contains the objects you want to export and select Export.
    • If you have selected an organization or an application, a window allowing you to select the export options appears.
  2. If the Export options window appears, complete the window as explained in the following "Export options" window description section and click OK.
    • An export folder selection window appears.
  3. Select the folder where you want to save the export file and click Open.
    • A confirmation window appears. The selected objects are exported in the XML export file.
"Export options" window description

  • Export Technical references used by application check box

    This check box is intended to set the export of applications.
    The technical reference is a technical description of an application. It is created using SSO Studio, the configuration editor (see Enterprise SSO Administrator's Guide for more details). The configuration of the application is then completed in EAM Console (see Section Managing applications).

    • Check box selected: the technical references associated with the applications you want to export are exported in the XML export file.
    • Check box cleared: the technical references associated with the applications you want to export are not exported.

  • Export all objects present in the subtree check box

    This check box is only available if you have selected an organization.

    • Check box selected: all the objects contained in the selected organization and all its sub-containers are exported in the XML file.
    • Check box cleared: all the objects contained in the selected organization are exported, except those located in its sub-containers.
  • Select the object classes you want to export area

    This area is only available if you have selected an organization.

    Select the object types you want to export.

Related Documents