Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Exporting Generated Reports

Exporting Generated Reports

Subject

You can create reports containing the list of existing smart cards and export them into CSV files.

Procedure

  1. In the Smart Card panel, click the Reports tab.
  2. In the displayed window, filter if needed the smart cards to display and click Apply.
  3. Click Export.
  4. Select the destination folder for your file, then name and save it.

 

Managing SA server devices

Managing SA server devices

Subject

EAM Console allows you to manage the Gemalto Strong Authentication server (SA server) as follows:

  • Management of the SA Server users: user creation and update.
  • Management of the OATH devices: update.
  • Management of the user-authentication device link.

NOTE: EAM does not manage SA Server policies, keys and roles.
Authentication mechanism

The Gemalto Strong Authentication uses two independent ways to establish an identity:

  • A static password, which is associated with a user identifier.
  • A One-Time Password (OTP), which is obtained from the OATH device.

In SA Server, the user identifier and the device are linked together for a specified user, and both are required to authenticate.

This link between the user and the device is managed from EAM Console. The use of the SA Server administration portal is not required.

To each EAM user corresponds a specific identifier, and only one device can be assigned to this user.

The SA Server connection can be secured by SSL for more protection.

In this section:

Configuring EAM for the management of SA Server devices

Subject

This section explains how to set the SA Server connection and how to configure it.

Before starting
  • The SA Server must be installed on a computer (to know how to install SA Server, refer to the Gemalto documentation).
  • You must have the EAM SA Server license (SASRV license).

In this section:

Configuring the connection to the SA server

Procedure

  1. In EAM Console, click File/Configuration and select the SA Server Hosts tab.
  2. Fill-in the Host description area using the instructions given in the following "SA Server" tab - description section.
  3. Click the Add to Host List button to add the server to the list of SA Server managed by EAM.
  4. Perform Steps 2 and 3 again for each server you want to connect to EAM.
  5. Manage the server connection order using the Up and Down buttons in the Host area.
  6. Click OK.
    • The SA Server(s) are connected to EAM.
"SA Server Hosts" tab - description

  • Hosts area

    This area displays the SA Server hosts that are connected to EAM.

    • Up/Down buttons

      These buttons allow you to define the host connection order. If the first host does not respond, EAM connects to the following one.

    • Edit button

      This button allows you to edit the host selected in the Host description area.

    • Delete button

      Removes the selected host.

  • Host description area
    • Server URL/Port field

      SA server URL and used port.

      The SA Server URL must be entered with the following syntax:
      <SA Server host name>/<SA Server base folder>

      Example: 123.456.78.912/saserver

      If you do not enter a port number, the default one will be used.

    • Proxy URL/Port field

      Proxy URL and port number, if required.

    • Connect to the server using SSL check box

      Enables the HTTPS connection (this option depends on how the SA Server is installed).

    • Check Host Validity button

      Checks the connection to the host entered in the Server URL field and displays a confirmation message if the connection succeeds.

    • Add to Host List button

      Adds the entered URL to the host list in the Host area.

Related Documents