Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Importing objects in EAM Console

Subject

You can import in EAM Console the objects you have exported in the XML file (see Section Exporting objects from EAM Console).

Procedure

  1. In the tree structure of the Directory panel, right-click the container in which you want to import the objects of the XML file select Import.
    • A file selection window appears.
  2. Select the XML file you want to import and click OK.
    • A window allowing you to select the import options appears.

  3. Select import options by reading the instructions displayed in the window and click OK.
    • The import process starts. An import report appears to inform you on the result of the import operation.

 

Managing smart cards

Managing smart cards

Subject

There are two ways to manage smart cards. The first one is performed through the EAM solution, whereas the second one is performed through an external Content Management System (CMS):

The tasks described in this section will allow you to perform the following operations on your smart cards:

  • Configure parameters of use.
  • Manage certificates.
  • Assign.
  • Configure self-assignment parameters.
  • Unlock.
  • Manage an oversight, a loss or a theft.
  • Format.
  • Display information.

As a smart card administrator, you will assign smart cards (Assigning smart cards (except loan cards)) and frequently change their states, as shown in the following diagram:

You will also have to assign lending cards (Managing loan cards) upon an oversight, a loss or a theft, as shown in the following diagram:

To perform administration tasks, you will use the Smart cards or the Directory panel. Depending on the selected panel, you will use the following interfaces:

The administration procedures are different depending on the panel used to manage smart cards. Tasks can be performed from one or another panel, or both.

To act on a particular user, you will use the Directory panel.

To act on a standard smart card, you will use the Smart cards panel.

The following schema presents the main tasks to be performed in the different panels:

Your administration profile defines the EAM Console interface that you can use to manage smart cards. Administration modes and roles allow you to open one of the panels, as shown in the following schemas:

If you use a smart card to perform your administration tasks, you must be "smart card manager" to perform all the tasks described in this section.

NOTE:

  • This right is granted upon the smart card assignment in the Administration tab.

  • For more information on administration roles, see Section Managing administrators.

In this section:

Configuring smart card parameters of use

Configuring smart card parameters of use

To perform the tasks described in this section, you must have the following administration role:

Task to perform

In classic administration mode, you must have:

In advanced administration mode, you must have:

Creating/Modifying configuration profiles

"Smart card administrator"

"Token configuration: Creation/Modification"

Renaming configuration profiles

"Smart card administrator"

"Token configuration: Creation/Modification"

Deleting configuration profiles

"Smart card administrator"

"Token configuration: Deletion"

Modifying a smart card configuration

"Smart card administrator" and at least "Security object administrator" or "access" or "rights"

"Token: Modification" and "Directory: Browsing".

Creation/modification batches of cards

"Security object administrator"

"Batch of cards: Creation/Modification, Deletion" and "Directory: Browsing"

In this section:

Managing smart card configuration profiles

Managing smart card configuration profiles

Smart card configuration profiles are used to define the default values proposed when you assign smart cards to users.

In this section:

Related Documents