Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Configuration

In this section:

Configuring the Reporting Module

Before starting

To configure the PDF reports module, you must own the following right: Reporting: Administration: to manage the configuration of the report generation requests.

NOTE: For more information on administration roles, see Section Managing administrators.
  1. In the File menu, click Configuration.
    • The Configuration window appears.
  2. Click the Reporting tab.
  3. Fill-in the tab using the instructions given in section "Reporting" Tab - Description hereunder.
  4. Click OK.
    • The reporting module is configured.
"Reporting" Tab - Description

General configuration area

  • Delete reports older than x days: select this check box and set the number of days after which the reports are automatically deleted from the controller.
    By default, the reports are never deleted.
  • Check for report generation every x minutes: set the periodicity check of the periodic reports to generate.
    Example: if you set the periodicity to 60, then the EAM controller will check every 60 minutes if periodic reports must be generated. If a periodic report should have been generated within these 60 minutes, then the console will execute the generation of this report.

    IMPORTANT: The default value is 0, however this value is equivalent to an automatic check every 10 minutes.
  • Mail notifier configuration area
    • SMTP: enter the SMTP server name to send emails.
      The format of the server name must be <SMTPServerName>[:<PortNumber>], where PortNumber is optional.
    • user and password: name and password of the user to enter to connect to the email server, if necessary.
    • Sender's (and reply to) address: email address of the sender.
    • Sender's display name: self-explanatory.
    • Configure button: click this button to configure the email content.

      Available keywords that can be inserted in the subject and body of the email:

      • %REPORT.NAME% : report name as defined by the person who request the report generation.
      • %REPORT.FILE.NAME% : full path of the file containing the generated report.
      • %REPORT.FROM.MAIL% : email address of the originator if the email.
      • %REPORT.FROM.NAME% : displayable name of the originator of the email.
      • %REPORT.DATE.BEGIN% : begin date of the report generation start.
      • %REPORT.DATE.END% : end date of the report generation stop.
      • %REPORT.DATE.GENERATION% : date of the report generation.
      • %REPORT.SERVER% : name of the controller that originated the email.

        Tags also enable you to specify conditional text: the text specified within these tags will be conditioned to the presence of the begin and end dates parameters upon a report generation request. If the dates are present, the text is displayed, otherwise it is hidden. These tags are:

        • %COND.START%
        • %COND.END%

NOTE: These keywords are case insensitive.

Example:

Managing Report Models

Subject

Depending on your needs, you can import report models (see Importing a report model hereunder) to diversify your available report types or just update your existing reports.
You can also delete report models (see Deleting a report model hereunder).

Description

The report models are divided into 4 categories:

  • Activity: reports that help supervise the solution.
  • Snapshot: reports that resume the current policy.
  • Risk: reports that detect possible anomalies.
  • Surveillance: reports that display the activity of the users, applications or workstations.

To view the list of report models provided by One Identity as well as their parameters, see Report Models and Parameters List.

Before starting
  • To manage the PDF reports models, you must own the following rights:
    • Reporting: Administration: to manage the configuration of the report generation requests.
    • Reporting: Model import: to authorize the administrators to import new report models or to update the existing ones.
    • Reporting: Model deletion: to authorize the administrators to delete the report models.

    NOTE: For more information on administration roles, see Section Managing administrators.
  • You have placed the new report models or the updates provided by the One Identity Expertise Center in the directory dedicated to its category under C:\Program Files\Common Files\One Identity\IAR\exports\models\archives\<DBTYPE>\UAS\<Category>, where DBTYPE is the database type used by the controller and Category the name of the model category to import.
    For example, to update the report model on the mobile devices of the Snapshot category, you must place the archive containing the Mobiles.zip model in the C:\Program Files\Common Files\One Identity\IAR\exports\models\archives\MySQL\UAS\Snapshot directory if the database used is MySQL.

Importing a report model

Procedure

  1. In the Report menu, click Import report models.
    • The controller selection window appears.
  2. Select a controller where the reporting service is installed and click OK.
    • The Select report model to import window appears and displays all the models to import.

  3. Select a display language then select a report model.
  4. Select the Show unknown model only check box to display only the models that have not been imported yet.
  5. Click Import.
    • The Import options window appears.

  6. Select the import mode of the report model:
    • Delete if exists then create: deletes the model if it already exists and recreates it.
    • Update the report model: only updates the files depending on the graphic model or the property files.
    • Do nothing if the report model exists: does not create a new model if it already exists.
  7. Select the language(s) in which the report model can be generated and click Import.
    • The report is imported and available for on-demand or periodic PDF report generation.

Deleting a report model

NOTE:
  • You cannot delete a report model if it is being used to generate a report.

  • If the report model is used for a periodic report generation, then the latter is deleted.

Procedure

  1. In the Report menu, click Delete report models.
    • The Select report model to delete window appears and displays all the models imported in the Reporting module.
  2. Select a report model

    NOTE: If you only want to delete one of the display languages of a report, select the report and the language to delete.
  3. Click Delete.
    • The report model is deleted.

Managing Permissions

Subject

You can manage permissions by adding/deleting users and adding/removing the following permissions:

  • Reader: the user can only download the reports.
  • Full control: the user can download reports and if he is an administrator, he can also add/modify/remove users and their rights.
Before starting

To manage the permissions, you must own the following right:
Reporting: Administration: to manage the configuration of the report generation requests.

Procedure

  1. In the Reporting panel > PDF reports tab, click Permissions.
    • The Report permissions window appears.

  2. To:
    • Add a user and his permission: click Add.
    • Modify the permission of a user: click Change right.
    • Remove a user and his permission: click Remove.
  3. Once you have made the modifications, click OK.

 

Related Documents