Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Searching the Directory Tree

Searching the Directory Tree


The searching functionality is available from the Directory panel. The search results appear as a tree under the Search request node.

If you execute several search requests, they all appear as a node in the tree.

NOTE: For performance reasons, the search feature do not allow you to search for an organization in the directory. Objects designated with a CN are the only ones that can be found.
Before starting

To perform the task described in this section, you must have the following administration role:

  • In classic administration mode: "Security object administrator" or "Access administrator" or "Rights administrator" or "Smart card administrator".
  • In advanced administration mode, your role must contain the following administration right: "Directory: Browsing".

In this section:

Searching for Directory Objects


This section explains how to use the search function in EAM Console.
You can only find objects that you are allowed to access, according to your granted administration rights.

  1. In the Directory panel, click the Search request node, or press CTRL+F.
  1. In the Search root field, click the Select button to select the organization in which you want to search an object.
    Use the Browse tab to browse the directory tree structure or use the Search tab to find the organization according to its name.

    NOTE: To display a specific organizational unit in the tree:
    • Select one and click the Directory > Set/Unset OU as root menu.
    • Right-click an OU and select Directory > Set/Unset OU as root.
  2. In the Object type list, select the type of object you want to search.
  3. In the Filter field, type the wanted search request, as explained in the tab instructions.
  4. Type the maximum number of results and click Search.
    • The search result appears in a node in the tree of the Directory panel.
      The following example window shows the result of two search requests.

"SA Server Configuration" tab - description
  • Search root field.

    The container inside which is performed the search.
    If you leave this field empty, the search is performed in all the directory organizations to which you are authorized to access.

    • Select button: opens the organization selection window. This window allows you to browse the directory tree structure (Browse tab) or filter the directory tree (Search tab) to find the organization.
    • Remove button: removes the organization from the field. An empty field means "all organizations".
  • Object type list

    List of directory objects you can search for in the directory.

    NOTE: For performance reasons, the search feature do not allow you to search for an organization in the directory. Objects designated with a CN are the only ones that can be found.
  • Filter field

    Name of the object you want to search. If you are only searching:

    • Objects from a common root, add the * character in the field.
    • An e-mail address containing the name (only applies to users), add the @ character in the field.
    • Search button: starts the search.
    • Clear all button: deletes all search requests from the directory tree.
  • Maximum number of results field

    Maximum number of search request results that you want to see appear in the Directory panel, under the Search request node.

Deleting Search Requests


You can delete search requests one by one or all requests simultaneously.


Deleting a Search Request

  1. In the directory tree, select the search request you want to delete.
    • The Information tab appears.
  1. Click the Delete button.
    • The search request node disappears from the tree.

Deleting All Search Requests

  1. In the directory tree, select the Search request node.
    • The search configuration tab appears.
  1. Click the Clear all button.
    • All search request nodes disappear from the tree.

Managing administrators


This section describes how to delegate, transfer and delete administration profiles. Administration profiles are a set of administration rights; they allow you to manage all the users who are allowed to administer the One IdentityEAM solution through EAM Console.

An administration role is made up of the following elements:

  • The scope of the administration role: the objects of the directory to which the role applies.
  • One or several administration profile(s): the administration rights allocated to the administration role.
  • A parent administrator (optional).
  • An audit filter that indicates what administrator actions should be audited.

EAM Console allows you to assign administration profiles to users so that they can perform the administration tasks corresponding to their role in the company.

In this section:

Related Documents