One Identity Starling Two-Factor Authentication. Administrator Guide

Similar documents
One Identity Starling Two-Factor Authentication. Administration Guide

One Identity Starling Two-Factor AD FS Adapter 6.0. Administrator Guide

One Identity Starling Two-Factor Authentication

One Identity Password Manager User Guide

One Identity Starling Two-Factor HTTP Module 2.1. Administration Guide

One Identity Starling Two-Factor Desktop Login 1.0. Administration Guide

Cloud Access Manager How to Deploy Cloud Access Manager in a Virtual Private Cloud

EAM Portal User's Guide

Spotlight on SQL Server Enterprise Spotlight Management Pack for SCOM

One Identity Quick Connect Express

Quest Unified Communications Diagnostics Data Recorder User Guide

Quest Migrator for Notes to Exchange SSDM User Guide

One Identity Active Roles 7.2

One Identity Active Roles 7.2. Management Pack Technical Description

One Identity Active Roles Diagnostic Tools 1.2.0

Cloud Access Manager SonicWALL Integration Overview

SQL Optimizer for IBM DB2 LUW 4.3.1

Spotlight Management Pack for SCOM. User Guide

SQL Optimizer for Oracle Installation Guide

Metalogix Archive Manager for Files 8.0. IIS Installation

Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

KACE GO Mobile App 5.0. Getting Started Guide

About Toad for Oracle 2017 Editions 2. Product release notes 4. Installation 5

One Identity Defender 5.9. Product Overview

Rapid Recovery License Portal Version User Guide

Quest Migration Manager for Exchange Resource Kit User Guide

Quest Migration Manager for Exchange Granular Account Permissions for Exchange 2010 to 2013 Migration

One Identity Starling Identity Analytics & Risk Intelligence. User Guide

Metalogix Intelligent Migration. Installation Guide

Quest Migration Manager Upgrade Guide

KACE GO Mobile App 5.0. Release Notes

Quest Recovery Manager for Active Directory 9.0. Quick Start Guide

Toad Intelligence Central 3.3 New in This Release

KACE GO Mobile App 3.1. Release Notes

Quest Migration Manager for Exchange Granular Account Permissions for Exchange 2010 to 2010 Migration

The Privileged Appliance and Modules (TPAM) 1.0. Diagnostics and Troubleshooting Guide

Authentication Manager Self Service Password Request Administrator s Guide

Quest Code Tester for Oracle 3.1. Installation and Configuration Guide

Toad Edge 2.0 Preview

Authentication Services ActiveRoles Integration Pack 2.1.x. Administration Guide

One Identity Active Roles 7.2. Replication: Best Practices and Troubleshooting Guide

Quest InTrust Objects Created and Used by InTrust

Quest Recovery Manager for Active Directory Forest Edition 9.0. Quick Start Guide

Quest InTrust InTrust Events

One Identity Management Console for Unix 2.5.1

KACE GO Mobile App 4.0. Release Notes

Quest One Password Manager

Quest Knowledge Portal 2.9

Dell Secure Mobile Access Connect Tunnel Service User Guide

About One Identity Quick Connect for Base Systems 2.4.0

One Identity Active Roles 7.2. Configuration Transfer Wizard Administrator Guide

Setting up Quest QoreStor as an RDA Backup Target for NetVault Backup. Technical White Paper

One Identity Manager 8.0. IT Shop Administration Guide

Setting up the DR Series System on Acronis Backup & Recovery v11.5. Technical White Paper

Toad Edge Installation Guide

The Privileged Appliance and Modules (TPAM) Approver Guide

Toad DevOps Toolkit 1.0

MySonicWall Secure Upgrade Plus

Cloud Access Manager Overview

One Identity Active Roles 7.2. Azure AD and Office 365 Management Administrator Guide

Dell Statistica. Statistica Enterprise Server Installation Instructions

Quest VROOM Quick Setup Guide for Quest Rapid Recovery and Foglight Windows Installers

Quest VROOM Quick Setup Guide for Quest Rapid Recovery and Foglight Windows Installers

Metalogix StoragePoint 5.7. Release Notes

Toad Data Point - Professional Edition. The Toad Data Point Professional edition includes the following new features and enhancements.

Cloud Access Manager How to Configure Microsoft Office 365

One Identity Manager Data Archiving Administration Guide

Setting up the DR Series System with vranger. Technical White Paper

TOAD TIPS & TRICKS. Written by Jeff Podlasek, Toad DB2 product manager, Quest

Metalogix ControlPoint 7.6. for Office 365 Installation Guide

SonicWall Mobile Connect for Chrome OS

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Toad Edge Installation Guide

One Identity Manager 8.0. Administration Guide for Connecting to Azure Active Directory

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Cloud Access Manager How to Configure Microsoft SharePoint

TPAM Security Product Client for Windows Security Product Client for Windows Guide

Dell One Identity Cloud Access Manager 8.0. Overview

Dell GPOADmin 5.7. About Dell GPOADmin 5.7. New features. Release Notes. December 2013

voptimizer Pro Version What s New

One Identity Authentication Services Defender Integration Guide

One Identity Quick Connect for Base Systems 2.4. Administrator Guide

Foglight for DB2 LUW Hardware Sizing Guide

One Identity Active Roles 7.2. Web Interface User Guide

One Identity Manager 8.0. Target System Base Module Administration Guide

Metalogix Essentials for Office Creating a Backup

Quest Migration Manager for Active Directory Cached Credentials Utility Administrator Guide

One Identity Manager 8.0. Data Archiving Administration Guide

Setting Up Quest QoreStor as a Commvault Backup Target. Technical White Paper

SonicWall Secure Mobile Access

Rapid Recovery DocRetriever for SharePoint User Guide

A Rapid Recovery Technical Whitepaper. Lenovo Nutanix Data Protection: Best Practices for Quest Software Data Protection Solutions

One Identity Password Manager 5.7.1

One Identity Manager 8.0. Administration Guide for Connecting to a Universal Cloud Interface

Quest Client Profile Updating Utility 5.7

One Identity Manager Administration Guide for Connecting to SharePoint

Setting Up Quest QoreStor with Veeam Backup & Replication. Technical White Paper

LiteSpeed for SQL Server 6.1. Configure Log Shipping

One Identity Manager Administration Guide for Connecting to SharePoint Online

Metalogix Migrator 4.7. Install Guide

Transcription:

One Identity Authentication Administrator Guide

Copyright 2017 Quest Software Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording for any purpose other than the purchaser s personal use without the written permission of Quest Software Inc. The information in this document is provided in connection with Quest Software products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of Quest Software products. EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, QUEST SOFTWARE ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON- INFRINGEMENT. IN NO EVENT SHALL QUEST SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF QUEST SOFTWARE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Quest Software makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. Quest Software does not make any commitment to update the information contained in this document. If you have any questions regarding your potential use of this material, contact: Quest Software Inc. Attn: LEGAL Dept 4 Polaris Way Aliso Viejo, CA 92656 Refer to our Web site (www.quest.com) for regional and international office information. Patents Quest Software is proud of our advanced technology. Patents and pending patents may apply to this product. For the most current information about applicable patents for this product, please visit our website at www.quest.com/legal. Trademarks Quest, One Identity, and the One Identity logo are trademarks and registered trademarks of Quest Software Inc. and/or its affiliates in the U.S.A. and other countries. For a complete list of Quest Software trademarks, please visit our website at www.quest.com/legal. All other trademarks, servicemarks, registered trademarks, and registered servicemarks are the property of their respective owners. Legend WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death. CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed. IMPORTANT, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information. Updated - April 2017

Contents What you can do with One Identity Authentication 4 Logging in to Authentication dashboard 5 Managing subscription 6 Service usage statistics 6 License details 6 Subscription details 6 Subscription key 6 Managing collaborators 8 Managing approvals 10 Managing user accounts 11 Customizing settings 12 Customizing user authentication 12 Customizing token UI 13 About us 14 Contacting us 14 Technical support resources 14 3

1 What you can do with One Identity Authentication If your organization wants to enable two-factor authentication on a product, you can purchase Authentication subscription. When your organization purchases the subscription, a subscription gets created and you receive an invitation to access Authentication Dashboard. To configure Authentication in your product, you have to provide the subscription key that is available on the Authentication Dashboard. For more information on configuring Authentication in your product, see the relevant section in the documentation set of your product. On Authentication Dashboard, you can do the following: Add or delete collaborators (Administrators and Helpdesk users) Manage the user status of the service Monitor the service usage statistics View the license details and subscription details View and change the subscription key Modify the user authentication settings Customize the token appearance on the Starling 2FA app What you can do with One Identity Authentication 4

2 Logging in to Authentication dashboard To log in to the dashboard: 1. Log in to Starling account. If you are logging in to the Starling account for the first time, do one of the following: If you have a Starling account, when a subscription is created for you, you will receive a Starling invitation email. Click the link in the email and log in to the Starling account. If you do not have a Starling account, when a subscription is created for you, you will get a Starling Sign-up email to complete a registration process to create a Starling account. Complete the registration and log in using the credentials that you have provided during registration. For account creation details, see the One Identity Starling User Guide. 2. Under My Services, click Two-Factor Authentication. Authentication Dashboard is displayed. 5 Logging in to Authentication dashboard

3 Managing subscription The Dashboard tab displays the details of Authentication service usage statistics for the current month, license details, subscription details and the subscription key. These details help in tracking and managing the subscription. Service usage statistics Service usage statistics section displays the details of the service usage for the current month such as number of users using the service, phone calls, SMS and authentications. It also provides a graphical representation of the service usage. License details License details section displays the details of the subscription such as license status, number of allotted licenses, number of users currently using the subscription, license creation date and license expiry date. Subscription details Subscription details section displays the Subscription Id and Subscription name. Subscription key Subscription key section displays the subscription key allotted to you when a new subscription is created for you. You can use this key to configure your software that uses Authentication. If the subscription key is used by unauthorized users or 6 Managing subscription

used inappropriately, the Administrator can change the subscription key. After the new key is created, the current key will be valid only for next 24 hours. 7 Managing subscription

4 Managing collaborators The Collaborators tab displays the all the collaborators and their roles assigned by the Administrators. Collaborators are users who are assigned with certain roles. They manage the administrative and general tasks in Authentication. Collaborators can log in to Dashboard and perform the tasks as per the roles assigned to them. Collaborators are categorized into three: Helpdesk user, Administrator, and Primary Administrator. A Helpdesk user performs general tasks, whereas Administrators and Primary Administrators perform administrative tasks. The tasks initiated by an Administrator require approval from at least one other Administrator. Any Administrator other than the one who initiated the action can approve or cancel a request. The Administrator who initiated the action can resend the approval email. A Primary Administrator can perform the tasks of a Helpdesk user and Administrator without any approval. The following table lists the various tasks that each collaborator role can perform. Table 1: Collaborator roles and tasks Tasks Helpdesk user Administrator Primary Administrator Log in to Dashboard Yes Yes Yes Create, manage, and delete users, who use two-factor authentication Run health check for the Starling 2FA app installed on the user s device Yes Yes Yes Yes Yes Yes Generate temporary response code Yes Yes Yes View and change subscription key No Yes Yes Add new Administrators and Helpdesk users No Yes Yes Delete Administrator and Helpdesk users No Yes Yes 8 Managing collaborators

Tasks Helpdesk user Administrator Primary Administrator Change the role No Yes Yes Change subscription settings No Yes Yes 9 Managing collaborators

5 Managing approvals The Approvals tab displays all the approval requests received from other Administrators for administrative actions that require an approval from another Administrator. In such cases, the Administrators receive an approval email or receive an approval link in the Approvals tab. To complete an approval for an administrative action, do one of the following: Click the link in the approval email and approve the action. Access the Approvals section on the Dashboard and approve or cancel the request. 10 Managing approvals

6 Managing user accounts The Users tab displays all the users who have subscribed for Authentication for two-factor authentication. You can manage the user accounts by performing the following user management tasks: Creating new user account: When a new user requires two-factor authentication security for his application, you can click Add and create a new user account. The user account must be created checking the license capacity of the subscription. Disabling and enabling the user account: When a user s phone is lost or is defective, you can click Disable and disable the user account as a security measure. When the phone is available and functional, you can click Enable and activate the disabled account. Deleting and restoring the user account: When a user is not using Starling Two- Factor Authentication, you can click Delete and delete the user account. On selecting the user account for deletion, the account is permanently deleted after 24 hours. If the account is accidentally selected for deletion, you can click Restore and restore the user account. The 24 hour delay in deletion helps to revert the deletion. Generating a temporary response code: When a user s phone is inaccessible, you can click Temporary response and provide the user a temporary response code for two-factor authentication. The code is valid for 15 minutes. Performing heath check: You can click Health check and verify whether the Starling 2FA app on the user s device is working properly or not. 11 Managing user accounts

7 Customizing settings The Settings tab displays all the user authentication settings and the options to customize the token UI. You can set the User authentication settings and customize the token UI as per the requirement. Customizing user authentication The General tab displays the options to configure user authentication methods and to send installation instructions to install Starling 2FA app for authentication. If the Installation instructions option is set to ON, when a new user is added to the subscription, the user receives an SMS with instructions to install Starling 2FA app. You can configure the required methods for two-factor authentication on this tab. The following are the available options: Push notifications SMS Phone call NOTE: If the option is already enabled, it is not displayed. If the option is not enabled, you can enable it. If enabled, you cannot disable the option. Interactive phone calls Enforce token verification To enable an option, set the option to ON. 12 Customizing settings

Customizing token UI The Token UI tab allows you to customize the appearance of the token user interface on Starling 2FA app. You can customize the images for main logo, menu logo and specify colors for the token. NOTE: The logo images must be in PNG format and the file size must not exceed 128 KB. The dimensions of main logo must not exceed 588 X 214 pixels. The dimensions of menu logo must not exceed 81 X 81 pixels. You can also configure a token name to display on the Starling 2FA app. By default, the subscription name is displayed as the token name on the app. You can set a token name which is not more that 30 characters in the Token name field. When the customization is complete, the Starling 2FA app reflects the changes made on the Dashboard. 13 Customizing settings

About us About us Contacting us For sales or other inquiries, visit www.quest.com/company/contact-us.aspx or call +1 949 754-8000. Technical support resources Technical support is available to One Identity customers with a valid maintenance contract and customers who have trial versions. You can access the Quest Support Portal at https://support.quest.com. The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. The Support Portal enables you to: Submit and manage a Service Request View Knowledge Base articles Sign up for product notifications Download software and technical documentation View how-to-videos Engage in community discussions Chat with support engineers online View services to assist you with your product 14 About us

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback