| General
tab |
|
Realm Name
|
Specifies the name of the realm.
|
Enter a name.
|
|
Description
|
Describes the realm.
|
Enter a description.
|
|
When editing, start on the Role Mapping page
|
Specifies that the Role
Mapping tab is selected when you open the realm for editing.
|
Select General > When editing, start on
the Role Mapping page to enable this option.
|
|
Authentication
|
Specifies an authentication server to use for authenticating
users who sign in to this realm.
|
Select an authentication server from the drop-down list.
|
|
Directory/Attribute
|
Specifies a directory/attribute server to use for retrieving
user attribute and group information for role mapping rules and resource
policies.
|
Select a directory/attribute server from the drop-down
list (optional).
|
|
Accounting
|
Specifies a RADIUS accounting server to use to track
when a user signs in and out of the Secure Access device.
|
Select a RADIUS accounting server from the drop-down
list (optional).
|
|
Additional Authentication Server
|
Specifies the name of the secondary authentication server
to submit secondary user credentials to an SSO-enabled resource or
enable two-factor authentication to access the Secure Access device.
Note:
You cannot choose an anonymous server, certificate server,
or eTrust SiteMinder server.
|
Select a secondary authentication server from the drop-down
list.
|
|
End session if authentication against this server fails
|
Controls access to the Secure Access device based on
the successful authentication of the user’s secondary credentials.
If selected, authentication fails if the user’s secondary credentials
fail.
|
Select General > End session if authentication
against this server fails to enable this option.
|
|
Username for Secondary Auth
|
Specifies the username of the secondary authentication
server.
|
Select the mode of submission of username to the secondary
authentication server from the drop-down list:
-
Username is specified by user on sign-in
page—Prompts the user to manually submit his username
to the secondary server during the Secure Access device sign-in process.
-
Predefined user name template—Automatically submits a username to the secondary server during
the Secure Access device sign-in process.
|
|
Predefined User Name
|
Specifies the predefined username.
|
Enter static text or a valid variable.
|
|
Password for Secondary Auth
|
Specifies the password for the secondary authentication
server.
|
Select the mode of submission of password to the secondary
authentication server from the drop-down list:
-
Username is specified by user on sign-in
page—Prompts the user to manually submit his password
to the secondary server during the Secure Access device sign-in process.
-
Predefined user name template—Automatically submits a password to the secondary server during
the Secure Access device sign-in process.
|
|
Predefined Password
|
Specifies the predefined password.
|
Enter static text or a valid variable.
|
|
Enable Dynamic policy evaluation
|
Uses dynamic policy evaluation for this realm.
|
Select General > Enable Dynamic policy evaluation to enable an automatic timer for dynamic policy evaluation of this
realm’s authentication policy, role mapping rules, and role
restrictions.
|
|
Refresh roles
|
Refreshes the roles of all users in this realm. (This
option does not control the scope of the Refresh Now button.)
|
Select General > Refresh roles to enable this option.
|
|
Refresh policies
|
Refreshes the resource policies (not including Meeting
and Email Client) for all users in this realm. (This option does not
control the scope of the Refresh Now button.)
|
Select General > Refresh policies to enable this option.
|
|
Refresh interval (minutes)
|
Specifiesy how often you want the Secure Access device
to perform an automatic policy evaluation of all currently signed-in
realm users.
|
Ener the number of minutes (5 to 1440).
|
